4 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
Hi, Chris, thanks for replying
of course, follow
]0;root@ip-172-30-102-209: ~root@ip-172-30-102-209:~# scp batman.txt server01:~
ssh: Could not resolve hostname server01: Temporary failure in name resolution
lost connection
]0;root@ip-172-30-102-209: ~root@ip-172-30-102-209:~# scp batman.txt server01:~[1P:~[1P:~[1P:~[1P:~[1P:~[1P:~[1P:~[1P:~[1P:~ :~1:~2:~7:~.:~0:~.:~0:~.:~1:~
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts.
root@127.0.0.1: Permission denied (publickey).
lost connection
]0;root@ip-172-30-102-209: ~root@ip-172-30-102-209:~# scp batman.txt 127.0.0.1:~
root@127.0.0.1: Permission denied (publickey).
lost connection
]0;root@ip-172-30-102-209: ~root@ip-172-30-102-209:~# exit
répondu il y a 2 ans
0
Thank you for the context, this is very helpful.
On first investigation it appears that the issue is not with the custom detection, but rather the format of the log file. Using the excerpt you provided above, I ran this through Macie and the file was not scanned due to an UNSUPPORTED_FILE_TYPE_EXCEPTION. This is visible in the discovery results that are published to your S3 bucket.
The team is having a look to see if this is something that's easily addressable.
répondu il y a 2 ans
0
I tested by creating a file with string scp batman server:~
and it worked.
répondu il y a 2 ans
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 6 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
Hi ricardobarbosams - would you able to include an excerpt of a few lines of context in the relevant log file that contains "scp batman.txt server:~" or similar? You can obfuscate things like your servername or any user names, as long as the format is preserved. Thanks!