[K12OSN] OT: Break-In report

Michael Blinn mblinn at peopleplaces.org
Wed Jan 2 14:24:09 UTC 2008

  Not true. I use and recommend the package 'denyhosts' - Nice little 
python script that daemonizes to periodically check /var/log/secure, 
adding IPs from brute-force attackers to /etc/hosts.deny, then emails me 
its actions. You can also set an auto-expire time for those blocks. I 
love it.

Les Mikesell wrote:
> There is quite a lot of ssh password guessing going on over the 
> internet.  If you have systems with the ssh port exposed, you can 
> expect to see a few hundred attempts a day in the logs - a slow enough 
> rate that you might not notice but the attackers are probably 
> spreading their attempts over thousands of systems.  There are some 
> packages that watch the logs and firewall addresses with repeated 
> failed attempts but none are included in the distribution.


This message, and any attachments that may accompany it, contain information that is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If the recipient of this message is not the intended recipient, any disclosure, copying, or other use of this communication or any of the information, which it contains is unauthorized and prohibited.  If you have received this message in error, please notify the original sender by return mail and delete this message, along with any attachments, from your computer. Thank you.  

More information about the K12OSN mailing list