[K12OSN] How do I stop attempted logins
Thomas E. Haynes
haynest at mchsi.com
Tue Mar 22 01:34:57 UTC 2005
> -----Original Message-----
> From: k12osn-bounces at redhat.com
> [mailto:k12osn-bounces at redhat.com] On Behalf Of Dr. Daniel Loomis
> Sent: Monday, March 21, 2005 8:27 PM
> To: k12osn at redhat.com
> Subject: [K12OSN] How do I stop attempted logins
--snip--
>
> I have considered changing to a non-standard port, but I
> suspect that a simple portscan would quickly discover it and
> the attempts would continue.
>
> My /var/log/secure files are filling up fast with these
> repeated breakin attempts. I have done a whois on several of
> the addresses. Most seem to be coming from Taiwan and other
> places in Asia.
>
I vote for changing to a nonstandard port. These login attempts are
scripted, and they are not scanning ports. The odd port would not slow down
a determined cracker, but you are dealing with the irritation of script
kiddies.
My 2 cents... Tom
More information about the K12OSN
mailing list