Login attacks
Michael Yep
myep at remotelink.com
Tue Dec 7 20:24:57 UTC 2004
Hello
In my LogWatch report I get many login attacks, many from the same IP address.
sshd:
Authentication Failures:
root (218.232.109.187): 59 Time(s)
adm (218.232.109.187): 2 Time(s)
apache (218.232.109.187): 1 Time(s)
nobody (218.232.109.187): 1 Time(s)
operator (218.232.109.187): 1 Time(s)
Invalid Users:
Unknown Account: 43 Time(s)
I have permitRootLogin set to NO, and I use strong passwords, but can I
just add these IP addresses to hosts.deny?
and if so how would I set that up
Michael Yep
Development / Technical Operations
RemoteLink, Inc.
More information about the fedora-list
mailing list