1 |
On Thursday 23 June 2011 10:22:47 Joost Roeleveld did opine thusly: |
2 |
> On Wednesday 22 June 2011 18:02:39 Alan McKinnon wrote: |
3 |
> > But all this was mild compared to what I did yesterday. You know |
4 |
> > that notice on the console when you get sudo wrong? It says the |
5 |
> > incident "will be reported" |
6 |
> > |
7 |
> > OK. But to whom? On my shell boxes it gets reported to me. And |
8 |
> > yesterday this is what it said: |
9 |
> > |
10 |
> > <host> : Jun 21 11:55:25 : <user> : 1 incorrect password attempt |
11 |
> > ; TTY=pts/194 ; PWD=/some/path ; USER=root ; COMMAND=init 6 |
12 |
> > |
13 |
> > 500 concurrent sessions on that box is routine, it's a major |
14 |
> > gateway server. That poor user has not recovered yet. |
15 |
> |
16 |
> You mean, he (or she) will eventually recover? |
17 |
> |
18 |
> Am curious though, why the attempt for a reboot? |
19 |
|
20 |
It happens about once a week on average - most of those users have |
21 |
multiple telnet sessions open from the Linux machine to Cisco routers. |
22 |
|
23 |
Every time so far they really do want to run sudo, but type it into |
24 |
the wrong terminal. |
25 |
|
26 |
Or worse, they use PuTTY and right-click - PuTTY deals with the cut |
27 |
buffer very differently to the norm on Windows, and right-click |
28 |
doesn't give the usual context menu - by default it's the paste |
29 |
function |
30 |
|
31 |
|
32 |
-- |
33 |
alan dot mckinnon at gmail dot com |