[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Login attacks

From: Michael Yep <myep remotelink com>
To: For users of Fedora Core releases <fedora-list redhat com>
Subject: Login attacks
Date: Tue, 07 Dec 2004 14:24:57 -0600

Hello

In my LogWatch report I get many login attacks, many from the same IP address.

sshd:
   Authentication Failures:
      root (218.232.109.187): 59 Time(s)
      adm (218.232.109.187): 2 Time(s)
      apache (218.232.109.187): 1 Time(s)
      nobody (218.232.109.187): 1 Time(s)
      operator (218.232.109.187): 1 Time(s)
   Invalid Users:
      Unknown Account: 43 Time(s)

I have permitRootLogin set to NO, and I use strong passwords, but can I just add these IP addresses to hosts.deny? and if so how would I set that up

Michael Yep
Development / Technical Operations
RemoteLink, Inc.

Follow-Ups:
- Re: Login attacks
  - From: Sean
- Re: Login attacks
  - From: Scot L. Harris
- Re: Login attacks
  - From: Gerry Doris
- Re: Login attacks
  - From: scootgirl.com
- Re: Login attacks
  - From: Thomas Cameron

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]