[wplug] Breakin attempts against the nobody account

[Bill Moran]

I'm sure I'm not the only one seeing this.  I constantly have jackasses
trying to ssh in to my server, in the hopes that I've chosen a really
stupid password for an account.  Usually this is against root, and I'm
guessing such an attack yields a frighteningly high number of successes
when applied against 1000s of machines.

However, I occasionally see the attempt against other accounts ... last
night it was against "nobody".  This surprises me, as any system I've
every seen has the "nobody" account disabled by default, so such an
approach would be pretty much a waste of time.

My question is: Are there systems out there with an unsecured "nobody"
account by default?  Or are there installation profiles that enable the
"nobody" account?

I'm just curious, since I'm not familiar with any way this would ever
work.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com