On 07/08/2015 02:20 PM, Jake Anderson wrote:
> Is there a way to track the IP address associated with a SSHD OTX task?

On all of my Linux systems (of any architecture), SSHD reports incoming
connections in copious detail.

Look where your SYSLOG traffic is recorded. Hopefully the OE SSHD logs
there like Linux OpenSSH server does.

If the system in question is externally facing, it's likely that you're
getting hit by a brute force attack. It is common. (Picture vagrants
walking down your street trying every door, with a ring of door keys,
just for analogy.)

Some shops and individuals employ tools to make note of the incoming
addresses (like you suggested) of these rogue actors and block them. If
an IP address demonstrating a lot of failed logins turns out to be for
an internet cafe in Kathmandu, and the system in question does not
support business there, it's a good idea to block it.

-- R; <><

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
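
An added example, not part of the original post: one way to pull source addresses with repeated failed logins out of syslog, assuming the lines follow the message format that Linux OpenSSH's sshd writes (another sshd build may log differently). The host name, user names, addresses, threshold and function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumed: Linux OpenSSH message shapes. The user name is client-chosen text,
# so FAILED anchors on the end of the line and takes the last "from ADDR port N".
FAILED = re.compile(r"sshd\[\d+\]: Failed \S+ for .* from (\S+) port \d+(?: ssh2)?\s*$")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted \S+ for \S+ from (\S+) port \d+")

# Constructed sample syslog lines (documentation address ranges only).
SAMPLE_LOG = """\
Jul  8 14:01:02 lnx01 sshd[2101]: Failed password for invalid user admin from 203.0.113.45 port 40112 ssh2
Jul  8 14:01:03 lnx01 sshd[2101]: Connection closed by 203.0.113.45 port 40112 [preauth]
Jul  8 14:01:05 lnx01 sshd[2103]: Failed password for root from 203.0.113.45 port 40115 ssh2
Jul  8 14:01:09 lnx01 sshd[2107]: Failed password for invalid user oracle from 203.0.113.45 port 40120 ssh2
Jul  8 14:01:12 lnx01 sshd[2109]: Failed password for invalid user x from 192.0.2.1 port 22 ssh2 from 203.0.113.45 port 40131 ssh2
Jul  8 14:05:40 lnx01 sshd[2204]: Failed password for opsuser from 198.51.100.7 port 51822 ssh2
Jul  8 14:05:44 lnx01 sshd[2204]: Failed password for opsuser from 198.51.100.7 port 51822 ssh2
Jul  8 14:05:49 lnx01 sshd[2204]: Failed password for opsuser from 198.51.100.7 port 51822 ssh2
Jul  8 14:06:02 lnx01 sshd[2210]: Accepted password for opsuser from 198.51.100.7 port 51830 ssh2
""".splitlines()

def summarize(lines):
    """Return (failed-login count per source IP, IPs that also logged in successfully)."""
    failures, succeeded = Counter(), set()
    for line in lines:
        failed = FAILED.search(line)
        match = failed or ACCEPTED.search(line)
        if not match:
            continue
        try:
            ip = str(ipaddress.ip_address(match.group(1)))
        except ValueError:
            continue  # not a literal address (e.g. a resolved host name); skip it
        if failed:
            failures[ip] += 1
        else:
            succeeded.add(ip)
    return failures, succeeded

def block_candidates(lines, threshold=3):
    """IPs at or over the failure threshold that never authenticated successfully."""
    failures, succeeded = summarize(lines)
    return sorted(ip for ip, n in failures.items() if n >= threshold and ip not in succeeded)

if __name__ == "__main__":
    print(block_candidates(SAMPLE_LOG))
```

Addresses that also show a successful login are left out of the result so that a legitimate user who mistyped a password a few times is reviewed by hand rather than blocked automatically.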