Server Probing
Florez, Nestor
NFlorez at sdcwa.org
Tue Jan 29 18:22:43 UTC 2013
I will take a look at fail2ban
Thanks ALL!!!
Né§t☼r
-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of m.roth at 5-cent.us
Sent: Tuesday, January 29, 2013 8:54 AM
To: General Red Hat Linux discussion list
Subject: Re: Server Probing
Stephen Gilbert wrote:
>
>
> On Tue, Jan 29, 2013 at 11:18 AM, Florez, Nestor <NFlorez at sdcwa.org>
> wrote:
>
>> Hi,
>>
>> I apologize is this is the wrong place to ask about probing.
>>
>> Some of our servers were probed back on the 24th of January By these
>> IP addresses
<snip>
>> And in the last 24 hours by these IP addresses
<snip>
> I use iptables to lock down any ports I don't want exposed, then use
> fail2ban to block people trying to brute force their way in.
Second on fail2ban. We use it here at work, and we get scanned a *lot*, both by the security team, and a lot of places around the world - Brazil, China, Germany (did I mention China), etc - but we're a US government facility, and so an obvious target.
mark
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list