David Southwell wrote:
Examples from hosts.deniedssh
I seem to be on the receiving end of a concerted series of unsuccessful break
in attacks on one of our systems. One small part of the attack has resulted
in over 2000 entries in our hosts.deniedssh file in less than 1 hour.
I would be interested in any comments on the small example shown below and any
advice.
1. see thread from last week "denying spam hosts ssh access"
2. don't resolve ips
3. do a sort, you'll see that many come from the same network, possibly
the same node with a new IP, block entire ranges, blocking individual
ip's is futile.
4. consider blocking in your firewall
5. don't worry, unsuccesfull attacks are - well, unsuccesfull
BR, Erik
--
Erik Nørgaard
Ph: +34.666334818/+34.915211157 http://www.locolomo.org
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"