[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] OT: Break-In report



Not true. I use and recommend the package 'denyhosts' - Nice little python script that daemonizes to periodically check /var/log/secure, adding IPs from brute-force attackers to /etc/hosts.deny, then emails me its actions. You can also set an auto-expire time for those blocks. I love it.
-Michael

Les Mikesell wrote:
There is quite a lot of ssh password guessing going on over the internet. If you have systems with the ssh port exposed, you can expect to see a few hundred attempts a day in the logs - a slow enough rate that you might not notice but the attackers are probably spreading their attempts over thousands of systems. There are some packages that watch the logs and firewall addresses with repeated failed attempts but none are included in the distribution.

--


CONFIDENTIALITY NOTICE:
This message, and any attachments that may accompany it, contain information that is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If the recipient of this message is not the intended recipient, any disclosure, copying, or other use of this communication or any of the information, which it contains is unauthorized and prohibited. If you have received this message in error, please notify the original sender by return mail and delete this message, along with any attachments, from your computer. Thank you.
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]