as of few weeks ago, my log watch has swollen up well over 500k, full of dictionary ? attempted atacks like below:
is there much I can do ? like to prevent multiple attempts from same IP ? RH73, ipchains ----------------------- Failed logins from these: root/password from 202.30.108.64: 85 time(s) root/password from 218.24.139.109: 59 time(s) ... **Unmatched Entries** Failed password for illegal user bash from 221.244.156.229 port 58573 ssh2 Received disconnect from 221.244.156.229: 11: Bye Bye input_userauth_request: illegal user bash Failed password for illegal user bash from 221.244.156.229 port 59460 ssh2 ... -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html