View Single Post
  #3   (View Single Post)  
Old 19th July 2012
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by kallistoteles View Post
It constantly filles up with failed logins for diffrent random users including root. I think it's around 600/day...
It is most likely a dictionary attack. Someone has assembled a list of "common" account names, & by brute force is determining whether any accounts on your system are so named. If an account is found, it will then attempt to open the account with "common" passwords.

One of the things this sort of act proves is that as a sysadmin, you should ensure that common passwords are being used on your system(s). Dissuading use of common account names isn't such a bad idea either.
Reply With Quote