DragonFly BSD
DragonFly users List (threaded) for 2005-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Note to LEAF users on ssh logins


From: "Martin P. Hellwig" <mhellwig@xxxxxxxxx>
Date: Thu, 03 Mar 2005 12:05:15 +0100

Matthew Dillon wrote:
    Leaf and, in fact, all of my machines which have open ssh ports are getting
    random hack attempts, about 20-30 a day in short bursts, usually from a
    different IP address each day.  I talked with a few sysop friends and
    their boxes are getting similar traffic.  The hack attempts primarily
    try to ssh to root, admin, and a bunch of microsoft-soundy names.  It looks
    fairly coordinated, like it is trying a couple of passwords a each day
    then trying again with different passwords the next day.
<cut>
Yeah all my boxes have the same, mosty asian IP's though, perhaps it would be nice to have a default something in the system that can be turned on vi rc.conf that whenever there are more then 10 login attemps within 5 minutes that IP gets blocked for say 48 hours?


--
mph



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]