- Mar 3, 2003
- 5,224
- 306
- 126
Ok, so my ftp server is getting nailed by a computer in china with repeated hack attempts.
Out of curiosity I portscanned the offending computer. It spat out a bunch of open ports - the most interesting being an SSH port.
The box, when http'd to, is an apache server that has never been changed from the "It worked" http screen you get when you set it up.
I've never dealt with SSH in the least. Is there a way to figure out what computer is use the SSH connection? When I connect to the port it gives me the SSH version number, etc. Please note - I don't want to hack this thing, I just want to trace it back to the offending computer.
Out of curiosity I portscanned the offending computer. It spat out a bunch of open ports - the most interesting being an SSH port.
The box, when http'd to, is an apache server that has never been changed from the "It worked" http screen you get when you set it up.
I've never dealt with SSH in the least. Is there a way to figure out what computer is use the SSH connection? When I connect to the port it gives me the SSH version number, etc. Please note - I don't want to hack this thing, I just want to trace it back to the offending computer.
Facebook
Twitter