how to react on ssh attacks?
Steven Stern
subscribed-lists at sterndata.com
Mon Oct 24 12:15:06 UTC 2005
Stephanus Fengler wrote:
ris
>>
> Hi Boris
> Since I need the ssh service, I can't disable it. Actually counting the
> number of root pw attacks it was 540 within 28 mins after then he
> switched over to pw guessing for random usernames for another 500 times
> and 25 mins. Anyway nslookup gives:
>
> nslookup 81.208.32.170
> Server: 134.60.1.111
[snip]
>
> I actually don't know what to do with this output.
> and btw just using the ip in a webbrowser it comes up with a page from
> IBM ?!? ... wired...
I modified the sshd_config file so SSH uses a port other than 22. In
/etc/ssh/sshd_config, add
port 2122
To connect to the machine, you'd use
ssh -p 2122 hostname
--
Steve
More information about the fedora-list
mailing list