Logwatch for linode01.ovirt.org (Linux)
################### Logwatch 7.3.6 (05/19/07) #################### Processing Initiated: Wed Oct 9 03:15:33 2013 Date Range Processed: yesterday ( 2013-Oct-08 ) Period is day. Detail Level of Output: 0 Type of Output: unformatted Logfiles for Host: linode01.ovirt.org ################################################################## --------------------- httpd Begin ------------------------ Requests with error response codes 400 Bad Request /releases/nightly/src/%: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) 403 Forbidden /wordpress/wp-admin/: 1 Time(s) 404 Not Found /a: 1 Time(s) /admin.php: 14 Time(s) /admin/: 2 Time(s) /admin/board: 1 Time(s) /admin/login.php: 2 Time(s) /administrator/index.php: 15 Time(s) /apple-touch-icon-precomposed.png: 2 Time(s) /apple-touch-icon.png: 2 Time(s) /bitrix/admin/index.php?lang=en: 2 Time(s) /blog/wp-admin/: 1 Time(s) /board: 2 Time(s) /category/news/feed: 1 Time(s) /category/news/feed/: 31 Time(s) /favicon.ico: 781 Time(s) /images/sprites/sprite.png: 1 Time(s) /listinfo/board: 1 Time(s) /mailman/list: 1 Time(s) /mailman/listinfo.: 1 Time(s) /meetings/ovirt/2011/nyhtahjidy.html: 1 Time(s) /meetings/ovirt/2012/ovirt.2013-01-09-15.01.html: 1 Time(s) /meetings/ovirt/2012/ovirt.2013-01-09-15.01.log.html: 1 Time(s) /news-and-events/workshop/: 1 Time(s) /pipermail/arch/2012-february/000228.html: 1 Time(s) /pipermail/arch/2012-february/000286.html: 1 Time(s) /pipermail/arch/2012-february/000315.html: 1 Time(s) /pipermail/board/2012-Feb: 1 Time(s) /pipermail/commits: 1 Time(s) /pipermail/index.php?act=Reg&CODE=00: 1 Time(s) /pipermail/index.php?app=core&module=global§ion=register: 1 Time(s) /pipermail/infra-private/2013-September/thread.html: 1 Time(s) /pipermail/infra/201: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... /thumb.php?src=: 2 Time(s) /pipermail/infra/2012-September/zboard.php?id=blackunix: 1 Time(s) /pipermail/infra/2013-April/002521.html&am ... se.org/good.php: 1 Time(s) /pipermail/infra/2013-April/wp-content/the ... se.org/good.php: 1 Time(s) /pipermail/mom-devel: 1 Time(s) /pipermail/user/register: 3 Time(s) /pipermail/users/2012-November/010822.html ... F0%E0%E2%EA%E8;: 1 Time(s) /pipermail/users/2013-october/016898.html: 4 Time(s) /releases/3.2/rpm/EL/6/.treeinfo: 3 Time(s) /releases/3.2/rpm/EL/6/treeinfo: 3 Time(s) /releases/3.2/tools/ovirt-live-0.9.iso: 1 Time(s) /releases/3.2/tools/ovirt-live-0.97.iso: 1 Time(s) /releases/3.3/iso/ovirt-node-iso-3.1.0-0.999.5.vdsm.fc19.iso: 3 Time(s) /releases/3.3/rpm/EL/6/.treeinfo: 3 Time(s) /releases/3.3/rpm/EL/6/noarch/ovirt-engine ... .el6.noarch.rpm: 3 Time(s) /releases/3.3/rpm/EL/6/noarch/ovirt-host-d ... .el6.noarch.rpm: 1 Time(s) /releases/3.3/rpm/EL/6/noarch/repodata/212 ... mary.sqlite.bz2: 1 Time(s) /releases/3.3/rpm/EL/6/noarch/repodata/?C=S;O=A: 1 Time(s) /releases/3.3/rpm/EL/6/noarch/vdsm-debug-p ... .el6.noarch.rpm: 1 Time(s) /releases/3.3/rpm/EL/6/noarch/vdsm-hook-ch ... .el6.noarch.rpm: 1 Time(s) /releases/3.3/rpm/EL/6/noarch/vdsm-hook-di ... .el6.noarch.rpm: 1 Time(s) /releases/3.3/rpm/EL/6/noarch/vdsm-hook-sc ... .el6.noarch.rpm: 1 Time(s) /releases/3.3/rpm/EL/6/repodata/126dfde761 ... -primary.xml.gz: 1 Time(s) /releases/3.3/rpm/EL/6/repodata/6a5a00e421 ... ee-other.xml.gz: 1 Time(s) /releases/3.3/rpm/EL/6/treeinfo: 3 Time(s) /releases/3.3/rpm/Fedora/18//repodata/repomd.xml: 6 Time(s) /releases/3.3/rpm/Fedora/18/SRPMS/: 1 Time(s) /releases/3.3/rpm/Fedora/18/SRPMS/ovirt-ho ... -1.fc18.src.rpm: 1 Time(s) /releases/3.3/rpm/Fedora/18/i686/vdsm-pyth ... 3.fc18.i686.rpm: 1 Time(s) /releases/3.3/rpm/Fedora/18/noarch/repodat ... -primary.xml.gz: 1 Time(s) /releases/3.3/rpm/Fedora/18/noarch/repodata/repomd.xml: 1 Time(s) /releases/3.3/rpm/Fedora/18/repodata/?C=N;O=A: 1 Time(s) /releases/3.3/rpm/Fedora/18/repodata/repomd.xml: 6 Time(s) /releases/3.3/rpm/Fedora/18/x86_64/?C=D;O=A: 1 Time(s) /releases/3.3/rpm/Fedora/19/SRPMS/ovirt-ho ... -1.fc19.src.rpm: 1 Time(s) /releases/3.3/rpm/Fedora/19/noarch/repodat ... 13-other.xml.gz: 1 Time(s) /releases/3.3/rpm/Fedora/19/noarch/repodat ... mary.sqlite.bz2: 1 Time(s) /releases/3.3/rpm/Fedora/19/noarch/repodata/repomd.xml: 1 Time(s) /releases/3.3/rpm/Fedora/19/repodata/f1651 ... ists.sqlite.bz2: 1 Time(s) /releases/3.4: 1 Time(s) /releases/beta.old.20120808/rpm/Fedora/17/?C=N;O=D: 1 Time(s) /releases/beta.old.20120808/rpm/Fedora/?C=N%3bO=A: 1 Time(s) /releases/beta/fedora/17/repodata/repomd.xml: 2 Time(s) /releases/beta/rpm/EL/$releasever/: 1 Time(s) /releases/beta/rpm/EL/6Server/repodata/repomd.xml: 1 Time(s) /releases/beta/rpm/Fedora/17/repodata/primary.xml.gz: 1 Time(s) /releases/beta/rpm/Fedora/17/repodata/repomd.xml: 9 Time(s) /releases/beta/rpm/Fedora/19/x86_64/repodata/repomd.xml: 1 Time(s) /releases/nightly/RHEL/6/repodata/repomd.xml: 2 Time(s) /releases/nightly/fedora/16/ovirt-engine-s ... -1.fc16.src.rpm: 1 Time(s) /releases/nightly/fedora/16/ovirt-engine.repo: 1 Time(s) /releases/nightly/fedora/16/repodata/repomd.xml: 199 Time(s) /releases/nightly/rpm/EL/6/SRPMS/ovirt-iso ... 51d.el6.src.rpm: 1 Time(s) /releases/nightly/rpm/EL/6/hooks/vdsm-hook ... .el6.noarch.rpm: 1 Time(s) /releases/nightly/rpm/EL/6/noarch/ovirt-en ... .el6.noarch.rpm: 2 Time(s) /releases/nightly/rpm/EL/6/noarch/ovirt-is ... .el6.noarch.rpm: 1 Time(s) /releases/nightly/rpm/EL/6/noarch/vdsm-api ... .el6.noarch.rpm: 1 Time(s) /releases/nightly/rpm/EL/6/noarch/vdsm-hoo ... .el6.noarch.rpm: 3 Time(s) /releases/nightly/rpm/EL/6/repodata/1e7ab0 ... 34-other.xml.gz: 1 Time(s) /releases/nightly/rpm/EL/6/x86_64/vdsm-pyt ... .el6.x86_64.rpm: 1 Time(s) /releases/nightly/rpm/EL/6Server/repodata/repomd.xml: 4 Time(s) /releases/nightly/rpm/Fedora/17/repodata/7 ... ists.sqlite.bz2: 2 Time(s) /releases/nightly/rpm/Fedora/17/repodata/8 ... 3a-other.xml.gz: 1 Time(s) /releases/nightly/rpm/Fedora/17/repodata/repomd.xml: 36 Time(s) /releases/nightly/rpm/Fedora/18/SRPMS/ovir ... 21.fc18.src.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/SRPMS/ovir ... 23.fc18.src.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/SRPMS/vdsm ... b6.fc18.src.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/SRPMS/vdsm ... cc.fc18.src.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/noarch/oto ... fc18.noarch.rpm: 2 Time(s) /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 5 Time(s) /releases/nightly/rpm/Fedora/18/noarch/vds ... fc18.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/0 ... ther.sqlite.bz2: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/1 ... ther.sqlite.bz2: 5 Time(s) /releases/nightly/rpm/Fedora/18/repodata/6 ... ists.sqlite.bz2: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/6 ... ther.sqlite.bz2: 23 Time(s) /releases/nightly/rpm/Fedora/18/repodata/9 ... -primary.xml.gz: 1 Time(s) /releases/nightly/rpm/Fedora/18/x86_64/vds ... fc18.x86_64.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/19/SRPMS/otop ... 30.fc19.src.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/19/SRPMS/otop ... 55.fc19.src.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/19/noarch/mom ... fc19.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/19/noarch/ovi ... fc19.noarch.rpm: 23 Time(s) /releases/nightly/rpm/Fedora/19/noarch/vds ... fc19.noarch.rpm: 16 Time(s) /releases/nightly/rpm/Fedora/19/repodata/4 ... ilelists.xml.gz: 1 Time(s) /releases/nightly/rpm/Fedora/19/repodata/7 ... ther.sqlite.bz2: 1 Time(s) /releases/nightly/rpm/Fedora/19/repodata/f ... ther.sqlite.bz2: 2 Time(s) /releases/nightly/rpm/Fedora/19/x86_64/vds ... fc19.x86_64.rpm: 1 Time(s) /releases/node-base/beta/rpm/Fedora/19/rep ... -primary.xml.gz: 1 Time(s) /releases/ovirt-release-@distro@.noarch.rpm: 3 Time(s) /releases/ovirt-release-centos.noarch.rpm: 1 Time(s) /releases/ovirt-release-el-8-1.noarch.rpm: 1 Time(s) /releases/ovirt-release-el6.noarch.rpm: 1 Time(s) /releases/ovirt-release-f19.noarch.rpm: 1 Time(s) /releases/ovirt-release-fed.noarch.rpm: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... -amd64/Packages: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... /Translation-en: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... /raring/Release: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... 386/Packages.gz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... 386/Packages.xz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... 4/Packages.lzma: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... 6/Packages.lzma: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... 64/Packages.bz2: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... 86/Packages.bz2: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... anslation-en.gz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... anslation-en.xz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... anslation-en_US: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... ation-en_US.bz2: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... d64/Packages.gz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... d64/Packages.xz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... ing/Release.gpg: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... lation-en_US.gz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... lation-en_US.xz: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... nslation-en.bz2: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... slation-en.lzma: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... tion-en_US.lzma: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm/ ... y-i386/Packages: 1 Time(s) /releases/stable/binary/: 3 Time(s) /releases/stable/binary/md5sum: 1 Time(s) /releases/stable/fedora/: 1 Time(s) /releases/stable/fedora/16/: 3 Time(s) /releases/stable/fedora/16/ovirt-engine.repo: 2 Time(s) /releases/stable/fedora/16/repodata/repomd.xml: 226 Time(s) /releases/stable/ovirt-engine.repo: 5 Time(s) /releases/stable/ovirt.repo: 2 Time(s) /releases/stable/rpm/EL/6.3/repodata/repomd.xml: 5 Time(s) /releases/stable/rpm/EL/6.4: 1 Time(s) /releases/stable/rpm/EL/6.4/repodata/repomd.xml: 14 Time(s) /releases/stable/rpm/EL/6/noarch/repodata/repomd.xml: 2 Time(s) /releases/stable/rpm/EL/6/repodata/07a37d6 ... mary.sqlite.bz2: 1 Time(s) /releases/stable/rpm/EL/6/repodata/5dedf6b ... mary.sqlite.bz2: 8 Time(s) /releases/stable/rpm/EL/6/x86_64/glusterfs ... .el6.x86_64.rpm: 2 Time(s) /releases/stable/rpm/EL/6Server/repodata/repomd.xml: 25 Time(s) /releases/stable/rpm/EL/6Workstation/repodata/repomd.xml: 8 Time(s) /releases/stable/rpm/EL6/6/repodata/repomd.xml: 10 Time(s) /releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 6 Time(s) /releases/stable/rpm/Fedora/11/repodata/repomd.xml: 1 Time(s) /releases/stable/rpm/Fedora/16/repodata/repomd.xml: 45 Time(s) /releases/stable/rpm/Fedora/19/repodata/11 ... ilelists.xml.gz: 1 Time(s) /releases/stable/rpm/Fedora/19/repodata/5a ... mary.sqlite.bz2: 3 Time(s) /releases/stable/rpm/Fedora/19/repodata/f1 ... ists.sqlite.bz2: 3 Time(s) /releases/stable/rpm/Fedora/19/repodata/repodata/repomd.xml: 1 Time(s) /releases/stable/rpm/Fedora/20/repodata/repomd.xml: 1 Time(s) /releases/stable/rpm/Fedora/6.4/repodata/repomd.xml: 2 Time(s) /releases/stable/rpm/Fedora/6Server/repodata/repomd.xml: 1 Time(s) /releases/stable/src/ovirt-node-2.2.2.tar.gz: 1 Time(s) /releases/updates-testing/rpm/EL/6.4/repodata/repomd.xml: 2 Time(s) /releases/updates-testing/rpm/EL/6/i686/vd ... 18.el6.i686.rpm: 1 Time(s) /releases/updates-testing/rpm/EL/6/noarch/ ... .el6.noarch.rpm: 2 Time(s) /releases/updates-testing/rpm/EL/6/repodat ... -primary.xml.gz: 1 Time(s) /releases/updates-testing/rpm/EL/6/repodat ... ists.sqlite.bz2: 1 Time(s) /releases/updates-testing/rpm/EL/6/x86_64/ ... .el6.x86_64.rpm: 2 Time(s) /releases/updates-testing/rpm/Fedora/18/?C=S;O=A: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/SRPMS/: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/SRPMS/?C=D;O=A: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/SRPMS/?C=N;O=A: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/i686/?C=N;O=D: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/no ... fc18.noarch.rpm: 4 Time(s) /releases/updates-testing/rpm/Fedora/18/re ... -primary.xml.gz: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/re ... bb-other.xml.gz: 1 Time(s) /releases/updates-testing/rpm/Fedora/18/x86_64/?C=N;O=A: 1 Time(s) /releases/updates-testing/rpm/Fedora/19/i6 ... 8.fc19.i686.rpm: 1 Time(s) /releases/updates-testing/rpm/Fedora/19/no ... fc19.noarch.rpm: 1 Time(s) /releases/updates-testing/rpm/Fedora/19/re ... 0c-other.xml.gz: 1 Time(s) /releases/updates-testing/rpm/Fedora/6Serv ... data/repomd.xml: 1 Time(s) /robots.txt: 63 Time(s) /user/: 2 Time(s) /user/register: 2 Time(s) /wp-admin/: 1 Time(s) /wp-content/themes/freshnews/thumb.php?src=: 2 Time(s) /wp-content/themes/mainstream/thumb.php?sr ... se.org/good.php: 1 Time(s) /wp-login.php: 18 Time(s) /wp-login.php?action=register: 3 Time(s) /wp/wp-admin/: 1 Time(s) /xhgkmizhjzunwqky.html: 1 Time(s) /zboard.php?id=blackunix: 1 Time(s) http://www.ovirt.org/azenv.php: 2 Time(s) 416 Request Range Not Satisfiable /releases/beta/rpm/Fedora/19/noarch/vdsm-c ... fc19.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 2 Time(s) /releases/stable/rpm/Fedora/17/noarch/old/ ... fc17.noarch.rpm: 60 Time(s) /releases/stable/rpm/Fedora/17/noarch/ovir ... fc17.noarch.rpm: 114 Time(s) /releases/stable/rpm/Fedora/17/x86_64/ovir ... fc17.x86_64.rpm: 24 Time(s) /releases/stable/rpm/Fedora/18/noarch/otop ... fc18.noarch.rpm: 1 Time(s) /releases/stable/rpm/Fedora/18/noarch/ovir ... fc18.noarch.rpm: 6 Time(s) /releases/stable/rpm/Fedora/18/noarch/vdsm ... fc18.noarch.rpm: 1 Time(s) /releases/stable/rpm/Fedora/19/noarch/vdsm ... fc19.noarch.rpm: 1 Time(s) /releases/stable/rpm/Fedora/19/x86_64/vdsm ... fc19.x86_64.rpm: 2 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ su-l: Sessions Opened: root -> root: 1 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 17 *Warning: Pre-queue content-filter connection overload 3 Postfix communications error 27.912M Bytes accepted 29,267,523 293.943M Bytes delivered 308,221,538 ======== ================================================ 2954 Accepted 99.53% 14 Rejected 0.47% -------- ------------------------------------------------ 2968 Total 100.00% ======== ================================================ 4 Reject relay denied 28.57% 10 Reject unknown user 71.43% -------- ------------------------------------------------ 14 Total Rejects 100.00% ======== ================================================ 1767 Connections made 5 Connections lost 1767 Disconnections 2942 Removed from queue 1152 Delivered 52627 Sent via SMTP 9 Forwarded 34 Deferred 243 Deferrals 40 Bounce (local) 19 Bounce (remote) 51 DSNs undeliverable 366 Connection failure (outbound) 32 Timeout (inbound) 80 Hostname verification errors 632 Enabled PIX workaround ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: jenkins (42931862) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Users logging in through sshd: ekohl: 217.119.231.199 (bogey.xentower.nl): 1 time gerrit-backup: 107.22.212.69 (gerrit.ovirt.org): 2 times jenkins: 108.166.47.32: 1 time jslave: 54.226.63.241 (ec2-54-226-63-241.compute-1.amazonaws.com): 1 time mburns: 107.3.82.202 (c-107-3-82-202.hsd1.ct.comcast.net): 1 time quaid: 50.1.98.25 (50-1-98-25.dsl.dynamic.sonic.net): 1 time Received disconnect: 11: Bye Bye : 2176 Time(s) 11: disconnected by user : 3 Time(s) SFTP subsystem requests: 2 Time(s) **Unmatched Entries** Address 198.7.63.240 maps to hosted-by.leaseweb.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 6 time(s) reverse mapping checking getaddrinfo for ip223.hichina.com [223.4.145.38] failed - POSSIBLE BREAK-IN ATTEMPT! : 455 time(s) ---------------------- SSHD End ------------------------- --------------------- Sudo (secure-log) Begin ------------------------ ============================================================================== ekohl => root ------------- /bin/bash - 1 Times. ============================================================================== mburns => root -------------- /bin/su - 1 Times. ---------------------- Sudo (secure-log) End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/xvda 59G 41G 19G 70% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################
Hi, I see again quite a lot of "POSSIBLE BREAK-IN ATTEMPT" alerts lately mainly originating from *hichina.com Could you guys please address this? Thanks On 10/09/2013 09:15 AM, logwatch@linode01.ovirt.org wrote:
SFTP subsystem requests: 2 Time(s)
**Unmatched Entries** Address 198.7.63.240 maps to hosted-by.leaseweb.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 6 time(s) reverse mapping checking getaddrinfo for ip223.hichina.com [223.4.145.38] failed - POSSIBLE BREAK-IN ATTEMPT! : 455 time(s)
-- Regards, Vinzenz Feenstra | Senior Software Engineer RedHat Engineering Virtualization R & D Phone: +420 532 294 625 IRC: vfeenstr or evilissimo Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com
On Wed, Oct 09, 2013 at 10:41:36AM +0200, Vinzenz Feenstra wrote:
I see again quite a lot of "POSSIBLE BREAK-IN ATTEMPT" alerts lately mainly originating from *hichina.com
Could you guys please address this? Thanks
What do you think of disabling SSH passwords and use just SSH keys? Fairly easy to roll out using puppet and thanks to puppet we also have most of our keys installed. It will mean that we might need to install some more keys for a few people and it may not stop the possible break in attempts in the logs (because those are because of incorrect forward + reverse DNS), but should make it more secure.
I did this for all jenkins slaves on rackspace* servers. So +1 for the idea. - Kiril ----- Original Message -----
From: "Ewoud Kohl van Wijngaarden" <ewoud+ovirt@kohlvanwijngaarden.nl> To: infra@ovirt.org Sent: Wednesday, October 9, 2013 12:18:02 PM Subject: Re: Security
On Wed, Oct 09, 2013 at 10:41:36AM +0200, Vinzenz Feenstra wrote:
I see again quite a lot of "POSSIBLE BREAK-IN ATTEMPT" alerts lately mainly originating from *hichina.com
Could you guys please address this? Thanks
What do you think of disabling SSH passwords and use just SSH keys? Fairly easy to roll out using puppet and thanks to puppet we also have most of our keys installed. It will mean that we might need to install some more keys for a few people and it may not stop the possible break in attempts in the logs (because those are because of incorrect forward + reverse DNS), but should make it more secure. _______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra
participants (4)
-
Ewoud Kohl van Wijngaarden -
Kiril Nesenko -
logwatch@lists.ovirt.org -
Vinzenz Feenstra