On Wed, Apr 25, 2001 at 01:03:28PM -0500, hanasaki wrote:
> The below turned up in my syslog the other day... Can someone please
> explain it?
>
> TIA
>
> Apr 25 00:45:00 portal sshd[23291]: Faking authloop for illegal user
> administrator from 4.60 ...
It means that someone tried to ssh in with the username of
'administrator' and sshd faked the authorization to not divulge that the
username was not valid. (ie, it pretended the username/password pair
was invalid, not that the username itself was).
This limits the amount of information given to probers (ie, they can't
tell if they should try a different username or a different password).
--
CueCat decoder .signature by Larry Wall:
#!/usr/bin/perl -n
printf "Serial: %s Type: %s Code: %s\n", map { tr/a-zA-Z0-9+-/ -_/; $_ = unpack
'u', chr(32 + length()*3/4) . $_; s/\0+$//; $_ ^= "C" x length; } /\.([^.]+)/g;
