how to react on ssh attacks?
Boris Glawe
boris at boris-glawe.de
Mon Oct 24 11:06:18 UTC 2005
>
>
> So shell I worry about it or do I need to do some countermeasures?
Just ignore it, if your passwords are long enough and are NOT based on
words that can be found in dictionaries. Change the passwords from time
to time AND keep your sshd up to date.
If I have too many root login requests (>200) and I'am able to find out
the attackers provider (with nslookup <ip-address>), I sometimes write
an abuse report to the provider.
Most of these are attacks are script kiddies who are only successfull in
case that your password is emty or matches the username
greets Boris
More information about the fedora-list
mailing list