Re: increasing failed sshd logins/clearing breadcrumb trails

2004-09-16 Thread John DeStefano
Date: Wed, 15 Sep 2004 12:21:29 +0930 From: Tim Aslat [EMAIL PROTECTED] Subject: Re: increasing failed sshd logins/clearing breadcrumb trails To: [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII Tim Aslat [EMAIL PROTECTED] once said

Re: increasing failed sshd logins/clearing breadcrumb trails

2004-09-16 Thread Glenn Sieb
John DeStefano said the following on 9/16/2004 10:40 AM: The easiest way to protect this is to check your sshd_config and set: PermitRootLogin no Interestingly, this option did not exist in my config file (I added it), but all other options were commented out. Is this the

increasing failed sshd logins/clearing breadcrumb trails

2004-09-14 Thread John DeStefano
I've noticed a few posts over the past week or so regarding users' servers being probed by remote ssh attempts. Coincidentally (or perhaps not so), around that time, I began getting quite a few records of such attempts to my server, at the rate of about 3 tries per IP, and about three IPs per

Re: increasing failed sshd logins/clearing breadcrumb trails

2004-09-14 Thread Glenn Sieb
John DeStefano said the following on 9/14/2004 10:15 PM: I've noticed a few posts over the past week or so regarding users' servers being probed by remote ssh attempts. Coincidentally (or perhaps not so), around that time, I began getting quite a few records of such attempts to my server, at the

Re: increasing failed sshd logins/clearing breadcrumb trails

2004-09-14 Thread Tim Aslat
In the immortal words of Glenn Sieb [EMAIL PROTECTED]... I've been getting this for weeks. They're all under APNIC, and emails to [EMAIL PROTECTED] involved networks has gone unanswered. I've been getting these as well, but from a multitude of address spaces. Not just APNIC. The easiest way

Re: increasing failed sshd logins/clearing breadcrumb trails

2004-09-14 Thread Glenn Sieb
Tim Aslat said the following on 9/14/2004 10:51 PM: In the immortal words of Glenn Sieb [EMAIL PROTECTED]... I've been getting this for weeks. They're all under APNIC, and emails to [EMAIL PROTECTED] involved networks has gone unanswered. I've been getting these as well, but from a