[nylug-talk] Increased amount in port hacking attemtpts
H. G.
tekronis at gmail.com
Mon Nov 26 17:00:32 EST 2007
On 11/26/07, Gregg Levine <gregg.drwho8 at gmail.com> wrote:
>
> Hello!
> Has anyone noticed an increase in the amounts of individuals, and
> others, attempting to crash a normally secure SSH server? Now we could
> be SSH service on mine, certainly that's where I am seeing them, but I
> mean everywhere.
>
>
> Also it seems that the attempts are all dictionary based, and its the
> US English one. I find that curious in that all of the attacks came
> from overseas, plus one overzealous twerp from right here in the US,
> based in the domain served by my ISP. He was in Texas as it happens.
>
> I should state that the vast majority of these pests are indeed coming
> from overseas. There was one big overzealous twerp from here in the
> US, and based in the same area as my ISP serves.
>
> Can anyone suggest an IPChains method to drop the entire areas served
> by services in Europe and Asia? Or failing that a known working method
> for dumping out these twerps by simply giving them three tries to
> prove they really don't know my password(s) and throwing them out.
>
> Oh and this is on a Slackware-11.0 based system.
> --
> Gregg C Levine gregg.drwho8 at gmail.com
> "This signature was once found posting rude
> messages in English in the Moscow subway."
>
> _____________________________________________________________________________
> Hire expert Linux talent by posting jobs here :: http://jobs.nylug.org
> The nylug-talk mailing list is at nylug-talk at nylug.org
> The list archive is at http://nylug.org/pipermail/nylug-talk
> To subscribe or unsubscribe: http://nylug.org/mailman/listinfo/nylug-talk
>
Maybe this will help:
http://hostingfu.com/article/ssh-dictionary-attack-prevention-with-iptables
More information about the nylug-talk
mailing list