FTP attack
The FTP log has increased in size yesterday – about 350 Kb, just by one address thinking this is a Windows box might have been easy to crack – or crash:
%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from 121.124.27.222 at 24-JUL-2009 14:55:16.70
%TCPIP-E-FTP_LOGFAL, remote interactive login failure Administrator
-TCPIP-I-FTP_NODE, client host name: 121.124.27.222
-LOGIN-F-NOSUCHUSER, no such user
and it continues with this username – 2282 times. According the online system performance logs, it has taken about 30 minutes: elevated CPU activity and paging (maibnly soft-paging) and a bit more direct and buffered IO. Nothing hazardous – it’s not a Windows box, though the person trying seems to think so.
I checked tha address – and it’s Korean. The ISP it belongs to, has been notified of this abuse attempt.
Main page to be updated
I also noticed that the main page hasn’t been updated after last boot, following the power outage. Shame on me – but it will be taken care of tomorrow.
And by the way: IssiNoho – the VAMP site – is back inline again – though not yet on OpenVMS but Iain is working on it. So I revived the link 🙂