답없는 FTP 해킹시도

Posted at 2012.10.30 00:37 | Posted in 컴퓨터 이야기
#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem sc-status sc-win32-status sc-substatus x-session x-fullpath
2012-10-28 00:11:41 173.199.180.8 - 210.91.178.211 21 ControlChannelOpened - - 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:11:41 173.199.180.8 - 210.91.178.211 21 USER administrator 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:11:41 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:11:55 173.199.180.8 - 210.91.178.211 21 USER administrator 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:11:55 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:11:55 173.199.180.8 - 210.91.178.211 21 USER user 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:11:55 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:12:09 173.199.180.8 - 210.91.178.211 21 USER user 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:09 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:09 173.199.180.8 - 210.91.178.211 21 USER administrador 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:09 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:12:23 173.199.180.8 - 210.91.178.211 21 USER administrador 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:23 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:23 173.199.180.8 - 210.91.178.211 21 USER test 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:24 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:12:37 173.199.180.8 - 210.91.178.211 21 USER test 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:37 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:38 173.199.180.8 - 210.91.178.211 21 USER administrateur 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:38 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:12:51 173.199.180.8 - 210.91.178.211 21 USER administrateur 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:52 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:52 173.199.180.8 - 210.91.178.211 21 USER dave 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:12:52 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:13:06 173.199.180.8 - 210.91.178.211 21 USER dave 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:06 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:06 173.199.180.8 - 210.91.178.211 21 USER apple 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:06 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:13:20 173.199.180.8 - 210.91.178.211 21 USER apple 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:20 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:20 173.199.180.8 - 210.91.178.211 21 USER "null" 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:20 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:13:34 173.199.180.8 - 210.91.178.211 21 USER "null" 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:34 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:34 173.199.180.8 - 210.91.178.211 21 USER orange 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:34 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:13:48 173.199.180.8 - 210.91.178.211 21 USER orange 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:48 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:48 173.199.180.8 - 210.91.178.211 21 USER setup 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:13:49 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:14:02 173.199.180.8 - 210.91.178.211 21 USER setup 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:02 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:03 173.199.180.8 - 210.91.178.211 21 USER 123456 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:03 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:14:16 173.199.180.8 - 210.91.178.211 21 USER 123456 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:16 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:17 173.199.180.8 - 210.91.178.211 21 USER password 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:17 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:14:30 173.199.180.8 - 210.91.178.211 21 USER password 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:31 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:31 173.199.180.8 - 210.91.178.211 21 USER 123 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:31 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:14:45 173.199.180.8 - 210.91.178.211 21 USER 123 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:45 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:45 173.199.180.8 - 210.91.178.211 21 USER abascus 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:45 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:14:59 173.199.180.8 - 210.91.178.211 21 USER abascus 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:59 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:59 173.199.180.8 - 210.91.178.211 21 USER 1 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:14:59 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:15:13 173.199.180.8 - 210.91.178.211 21 USER 1 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:13 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:13 173.199.180.8 - 210.91.178.211 21 USER admin123 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:14 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
..
2012-10-28 00:15:27 173.199.180.8 - 210.91.178.211 21 USER admin123 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:27 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:28 173.199.180.8 - 210.91.178.211 21 USER welcome 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:28 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:15:41 173.199.180.8 - 210.91.178.211 21 USER welcome 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:41 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:42 173.199.180.8 - 210.91.178.211 21 USER 12345678 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:42 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:15:55 173.199.180.8 - 210.91.178.211 21 USER 12345678 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:56 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:56 173.199.180.8 - 210.91.178.211 21 USER qwerty 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:15:56 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:16:10 173.199.180.8 - 210.91.178.211 21 USER qwerty 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:10 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:10 173.199.180.8 - 210.91.178.211 21 USER 1q2w3e 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:10 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:16:24 173.199.180.8 - 210.91.178.211 21 USER 1q2w3e 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:24 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:24 173.199.180.8 - 210.91.178.211 21 USER qwerasdf 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:24 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:16:38 173.199.180.8 - 210.91.178.211 21 USER qwerasdf 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:38 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:38 173.199.180.8 - 210.91.178.211 21 USER admin 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:38 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:16:52 173.199.180.8 - 210.91.178.211 21 USER admin 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:52 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:52 173.199.180.8 - 210.91.178.211 21 USER pass123 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:16:53 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:17:06 173.199.180.8 - 210.91.178.211 21 USER pass123 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:06 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:07 173.199.180.8 - 210.91.178.211 21 USER Admin 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:07 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:17:20 173.199.180.8 - 210.91.178.211 21 USER Admin 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:21 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:21 173.199.180.8 - 210.91.178.211 21 USER demo 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:21 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:17:34 173.199.180.8 - 210.91.178.211 21 USER demo 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:35 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:35 173.199.180.8 - 210.91.178.211 21 USER netgear1 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:35 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:17:49 173.199.180.8 - 210.91.178.211 21 USER netgear1 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:49 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:49 173.199.180.8 - 210.91.178.211 21 USER teste 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:17:49 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:18:03 173.199.180.8 - 210.91.178.211 21 USER teste 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:03 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:03 173.199.180.8 - 210.91.178.211 21 USER garage 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:03 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:18:17 173.199.180.8 - 210.91.178.211 21 USER garage 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:17 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:17 173.199.180.8 - 210.91.178.211 21 USER info 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:18 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:18:31 173.199.180.8 - 210.91.178.211 21 USER info 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:31 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:31 173.199.180.8 - 210.91.178.211 21 USER postmaster 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:32 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:18:45 173.199.180.8 - 210.91.178.211 21 USER postmaster 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:45 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:46 173.199.180.8 - 210.91.178.211 21 USER backup 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:18:46 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:18:59 173.199.180.8 - 210.91.178.211 21 USER backup 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:00 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:00 173.199.180.8 - 210.91.178.211 21 USER spam 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:00 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:19:13 173.199.180.8 - 210.91.178.211 21 USER spam 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:14 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:14 173.199.180.8 - 210.91.178.211 21 USER access 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:14 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:19:28 173.199.180.8 - 210.91.178.211 21 USER access 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:28 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:28 173.199.180.8 - 210.91.178.211 21 USER sysadmin 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:28 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
...
2012-10-28 00:19:42 173.199.180.8 - 210.91.178.211 21 USER sysadmin 331 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:42 173.199.180.8 - 210.91.178.211 21 PASS *** 530 1326 41 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -
2012-10-28 00:19:42 173.199.180.8 - 210.91.178.211 21 ControlChannelClosed - - 0 0 a7fd955a-cec2-4c15-9ad2-c835d5575cc7 -

일요일 0시 11분부터 20분까지 가장 널리 퍼지고 시간 버리기엔 최고라는 무차별 대입 공격이 FTP를 대상으로 시도되었다. 왜 하필 FTP를 공격했나 생각해봤지만 그 이유는 끝내 추적하지 못했고, 공격자를 "초딩" 혹은 "땅굴 파기 꿈나무" 정도로 판단했다.

공격자가 공격 시도한 계정은 모두 "시스템 계정" 혹은 "치기 쉬운 계정"이었다. 각 계정당 평균 24회의 비밀번호 무차별 대입을 했으며, 그 비밀번호는 123456 같은 "매우 단순한" 것이라 생각된다.

여기서 주목해야 될 점은, 보통의 서버 관리자라면 "시스템 계정에는 FTP 루트 디렉터리를 주지 않는다"는 것이다. 애초에 시스템 계정으로 FTP에 접속할 일은 절대 없으며 불편한 FTP로 서버를 관리하는 것보다 SSH로 하는게 훨씬 편하다.

별 볼일 없는 땅굴 파기 꿈나무(혹은 초딩)의 공격이었지만 비밀번호는 특수문자와 영어 대소문자, 숫자를 섞어서 6자 이상으로 만드는 것이 좋다는 불변의 진리를 다시 한 번 확인하는 좋은 계기가 됐다.

저작자 표시 비영리
신고
  1. conor123481
    헉;; 저도 비번 바꿔야겠네요;;
    전 웹사이트 아이디 해킹당했었는데 그 아이디의 비밀번호가 MySQL 비번과 같다는;;
  2. 비밀댓글입니다
  3. 나도 수시로 ftp 무차별 해킹당하는데 대부분이 보안 정책에 따라 차단되긴 했지만..
    내쪽 시도한 ip리스트라도 보내줄까
    • 2013.06.17 22:52 신고 [Edit/Del]
      어이쿠ㅋ
      전 저 때 잠깐 저러고 다음부턴 시도도 안하더라고요
      5번 실패시 3분 기다리는 것 때문에 그런지 뭔지~
    • 2013.06.18 04:21 신고 [Edit/Del]
      나는 그것도 기다리면서 줄기차게 들어오더라 아이피 두세개 동시에 돌려가면서 어휴;;
      뭐 털어갈게 있다고..
      아예 라우터 수준에서 차단시켜버림 Firewall 정책으로
  4. 이 IP 미국 껀데 ㄷㄷ;
    근데 홈페이지도 있어서 초딩은 아닌듯
    (Cpanel 까지)

Name __

Password __

Link (Your Website)

Comment