auth.log noise
Below are the top 50 login names when trying to gain access to this web server over the last 4 weeks
Name | Attempts |
---|---|
root | 3273 |
admin | 119 |
mysql | 44 |
test | 110 |
guest | 41 |
user | 37 |
oracle | 37 |
temp | 25 |
sales | 24 |
info | 21 |
webmaster | 21 |
dan | 18 |
postgres | 21 |
robert | 18 |
student | 17 |
ftpuser | 17 |
ftp | 17 |
richard | 16 |
apache | 16 |
web | 15 |
adm | 15 |
webadmin | 15 |
john | 15 |
paul | 15 |
office | 15 |
tony | 14 |
james | 14 |
postfix | 13 |
michael | 13 |
alex | 13 |
david | 13 |
amanda | 13 |
adam | 12 |
mike | 12 |
staff | 12 |
steven | 12 |
recruit | 12 |
jeff | 12 |
pgsql | 12 |
library | 12 |
username | 12 |
frank | 12 |
susan | 11 |
cyrus | 11 |
dave | 11 |
gast | 10 |
postmaster | 10 |
nagios | 10 |
martin | 10 |
admins | 10 |
Note: No external connections are allowed to log in as root (of course)
Note2: After 5 failed login attempt, the IP address is temporary banned (fail2ban)