Login attacks
scootgirl.com
zolkat79 at dslextreme.com
Wed Dec 8 00:41:29 UTC 2004
----- Original Message -----
From: "Michael Yep" <myep at remotelink.com>
To: "For users of Fedora Core releases" <fedora-list at redhat.com>
Sent: Tuesday, December 07, 2004 12:24 PM
Subject: Login attacks
> Hello
>
> In my LogWatch report I get many login attacks, many from the same IP
> address.
>
> sshd:
> Authentication Failures:
> root (218.232.109.187): 59 Time(s)
> adm (218.232.109.187): 2 Time(s)
> apache (218.232.109.187): 1 Time(s)
> nobody (218.232.109.187): 1 Time(s)
> operator (218.232.109.187): 1 Time(s)
> Invalid Users:
> Unknown Account: 43 Time(s)
>
> I have permitRootLogin set to NO, and I use strong passwords, but can I
> just add these IP addresses to hosts.deny?
> and if so how would I set that up
>
I set SSHd to a non standard port way up the chain and changed my firewall
rules. No more problems.
Karen
http://scootgirl.com/
More information about the fedora-list
mailing list