RE: brute force ssh attack
From: Jeff Vian (jvian10_at_charter.net)
Date: 05/05/05
- Previous message: Daniel B. Thurman: "RE: brute force ssh attack"
- In reply to: Daniel B. Thurman: "RE: brute force ssh attack"
- Next in thread: Chris Stark: "Re: brute force ssh attack"
- Reply: Chris Stark: "Re: brute force ssh attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: For users of Fedora Core releases <fedora-list@redhat.com> Date: Wed, 04 May 2005 20:47:07 -0500
On Wed, 2005-05-04 at 18:23 -0700, Daniel B. Thurman wrote:
> Folks,
>
> Seems that I am getting daily brute-force ssl attacks --
> Anything I can or should do?
>
> Here is the System Logs:
> =======================================
> May 4 01:01:50 linux sshd[10438]: Did not receive identification string from ::ffff:194.65.138.98
> May 4 01:04:44 linux sshd[10448]: Illegal user temp from ::ffff:194.65.138.98
> May 4 01:04:57 linux sshd[10448]: Failed password for illegal user temp from ::ffff:194.65.138.98 port 52888 ssh2
snip
> May 4 13:07:04 linux sshd[24906]: Failed password for illegal user admins from ::ffff:209.76.72.12 port 52516 ssh2
> May 4 13:07:04 linux sshd[24908]: Illegal user admins from ::ffff:209.76.72.12
> May 4 13:07:07 linux sshd[24908]: Failed password for illegal user admins from ::ffff:209.76.72.12 port 52610 ssh2
>
I set my firewall to block ssh from everywhere except the few places I
might use for remote access. It drastically cut down the attempts to
get in. I now only get hit from one or 2 IPs a day.
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Daniel B. Thurman: "RE: brute force ssh attack"
- In reply to: Daniel B. Thurman: "RE: brute force ssh attack"
- Next in thread: Chris Stark: "Re: brute force ssh attack"
- Reply: Chris Stark: "Re: brute force ssh attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
