- Análise de VulnerabilidadesAnálise de Tráfego e Logs
- Ataques e Golpes e AmeaçasForça Bruta
- AAA: Autenticação, Autorização e Auditoria
Um administrador de redes ao visualizar o log de acessos ao servidor principal, percebeu as seguintes mensagens:
Aug 24 17:54:18 server sshd[97026]: error: PAM: authentication error for illegal user support from 125.212.234.99
Aug 24 17:54:19 server sshd[97026]: error: Received disconnect from 125.212.234.99: 3:com.jcraft.jsch.JSchException: Auth cancel [preauth]
Aug 24 19:48:56 server sshd[97713]: error: PAM: authentication error for illegal user support from 125.212.234.99
Aug 24 19:48:56 server sshd[97713]: error: Received disconnect from 125.212.234.99: 3: om.jcraft.jsch.JSchException: Auth cancel [preauth]
Aug 24 19:48:58 server sshd[97715]: error: PAM: authentication error for illegal user support from 125.212.234.99
Aug 24 19:48:58 server sshd[97715]: error: Received disconnect from 125.212.234.99: 3: om.jcraft.jsch.JSchException: Auth cancel [preauth]
Aug 24 19:48:59 server sshd[97718]: error: PAM: authentication error for illegal user support from 125.212.234.99
Aug 24 19:48:59 server sshd[97720]: error: PAM: authentication error for illegal user support from 125.212.234.99
Essas mensagens indicam que o servidor está sofrendo
