MySQL Lists: packagers: Re: automated search for open mysql system user accounts? (fwd)

List:	Packagers	« Previous Message Next Message »
From:	Michal Marek	Date:	October 22 2007 12:51pm
Subject:	Re: automated search for open mysql system user accounts? (fwd)
View as plain text

Lenz Grimmer napsal(a):
> we received the following note from the folks at openSUSE today. Did anybody of
> you observe similar activity on publicly accessible systems? I wonder if there
> is some known vulnerability that these login attempts try to exploit? A MySQL
> user account with a known password or no password? Or do they just do
> brute-force attempts?
> 
> Darix reported log entries similar to this one on IRC to me:
> 
> Oct 22 12:16:47 zen sshd[5122]: error: PAM: Authentication failure for mysql from
> 62.242.188.78

It tried ssh to the 62.242.188.78 host and it it's no rocket science to 
guess a valid username/password pair. So I'd say it's just a worm 
brute-forcing weak passwords, nothing new :)

have a nice day,
Michal

Thread
• automated search for open mysql system user accounts? (fwd)	Lenz Grimmer	22 Oct
• Re: automated search for open mysql system user accounts? (fwd)	Michal Marek	22 Oct
• Re: automated search for open mysql system user accounts? (fwd)	Michael Shigorin	22 Oct