CSUSB Alert: Power has been restored to the San Bernardino campus; normal operations will resume Friday, July 26th.

Power to the San Bernardino campus has been restored as of 9:55 a.m. Normal campus operations will resume Friday, July 26th. Essential staff with questions on whether to report should contact their appropriate administrator. Facilities Management will be working to check all building systems including HVAC, elevators and fire alarms. If power has not been restored in your work area when you return, please report that to Facilities Planning and Management at (909) 537-5175. The Palm Desert Campus remains open and operational.

Site Header Region
Page Header
Main Content Region

Security Email Report Template

Email should be sent to security@csusb.edu

From: John Q. Analyst 
Subject: SSH scan from 139.182.x.y
To: security@csusb.edu


139.182.x.y hit almost 18,000 University addresses this morning with
an SSH scan.  You probably were compromised with some sort of worm.
Here is an excerpt from one systems log:

All times in PST (GMT -0800).

Feb 31 08:50:57 research sshd[68209]: Failed password for root from
139.182.x.y port 50111 ssh1
Feb 31 08:51:01 research sshd[68215]: Failed password for root from
139.182.x.y port 50336 ssh1
Feb 31 08:51:05 research sshd[68228]: Failed password for root from
139.182.x.y port 50513 ssh1
Feb 31 08:51:08 research sshd[68235]: Failed password for root from
139.182.x.y port 50721 ssh1
Feb 31 08:51:08 research sshd[68237]: Failed password for root from
139.182.x.y port 50838 ssh1


If you require add'l info, just let me know!
-JA

--
John Q. Analyst
Extra Watchful University
Institutional Security Office
(999)555-1212