Windows XP Starter Edition: Microsoft’s attempt to stop the widespread piracy of the full version of Windows XP. The ‘Lite’ version will only be available to users in Asia and is essentially a stripped-down edition of the full OS at a much reduced price. One of the limitations is that you can
only run three programs simultaneously – OK, that’s one application after running your anti-virus and firewall. Can’t see Microsoft succeeding here, by crippling their product.
Old kit: Last week we were dissecting a couple of old rack servers, both Pentium Pro 200MHz systems. One is nominally ‘broken’, but when opening the cases we discovered that they contained dual-processor capable boards. So, stick both CPUs into the same box and then do a bit of detective work to figure out which motherboard it has. Seems that the four 32MB sticks of RAM can be upgraded to four 128MB sticks, giving 512MB in total, which will make for quite a nice little system. Good, solid, rack case too. Maybe we should spray-paint it black.
SSH security: Noticed over the last couple of weeks a sudden rise in the number of attempted unauthorized remote logins to my servers – basically loads of failed root SSH logins from gazillions of different locations. For the first week, I dutifully notified the abuse@ addresses corresponding to the source of the attempted connections. Out of 20 notifications sent, I got one proper response (not counting autoresponses from the abuse address). The response was vaguely reassuring, after my report (and possibly others) helped to identify a
machine that had been compromised (and the connections I was seeing were coming from that system):
“The IP that falls within our allocation is assigned to our customer. I have been informed by them that the infected box was cleaned yesterday so you should not see any more from this IP. We have verified that the system in question has been re-imaged.”
However, the lack of response from other abuse admins and the huge rise in attempted connections has made be stop reporting all this. I’m just making sure that the system is secure as I can make it (‘public key logins’ only, for root,
amongst other things).
http://seclists.org/lists/incidents/2004/Jul/0065.html seems related to the SSH login problems you’ve had.
PermalinkAh, interesting – sounds like what I’ve been seeing, certainly. Was wondering about changing the SSH port – which someone on that site mentions – as an additional measure. Not much use on its own, but it would stop log clutter if nothing else, I suppose.
Permalink