Best Regards,
Mark L. Potter
Systems Engineer
Academy Sports & Outdoors
1800 N. Mason Rd
Katy, Texas 77449
Office: 281-646-5857
Cell: 281-734-6965
[EMAIL PROTECTED] wrote on 03/05/2008 04:04:16
PM:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Matthew Macdonald-Wallace wrote:
> | Hi All,
> |
> | Before I start coding my own plugin to do this, does anyone know of a
> | plugin that monitors the number of external connection attempts over a
> | given period of time for a given service and sends alerts accordingly?
> |
> | I've noticed on a number of servers that we maintain recently that
> | there are unauthorised attempts to connect via SSH/FTP. These appear
> | in the log files about 2 seconds apart and are obviously automated.
>
> They are in fact rooted machines running a bot doing the work. these are
> around for years and apparantly people still think that they can put up
> unpatched servers on the internet.
>
> But unless you will report the server to th owner of the network or
> anything like that I think it will be just adrain of resources without
> any benefit.
>
> Hugo.
>
As much as reporting them sounds nice I find only about one in ten reports
ever has any response and only about one on five of those has anything
done about it. I use a combination of scripts to simply null route the
bastards and be done with them.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null