Main /
LinuxSecurityRe:Ask Slashdot (Score:4, Interesting) I see a lot of seemingly valid logins (could be valid, but not on my system...) Running awk 'gsub(".*sshd.*Failed password for (invalid user )?", "") {print $1}' /var/log/secure* | sort | uniq -c | sort -rn | head -10'> yields 279 root so, we have 6 that often are valid, a very common name, two that almost could be valid (info and webmaster), and one nonsense. Only one account on that system has ssh allowed, and it's certainly not root. Aldaba Knocking Suite: Port Knocking and SPA system for Linux |