[PLUG-TALK] Cracking Attempts

Rich Shepard rshepard at appl-ecosys.com
Mon Jun 2 15:33:04 UTC 2014


On Mon, 2 Jun 2014, Paul Mullen wrote:

> If you're really concerned, you could always attempt to block Chinese IP
> addresses. Lists of all known Chinese IP addresses are available (e.g.,
> http://www.wizcrafts.net/chinese-iptables-blocklist.html). They can never
> be entirely complete, and the list keeps changing, but it does help to
> dramatically reduce the attack noise in log files. Combine that with
> fail2ban if you have the spare time.

   Thanks, Paul. I use the Netgear firewall appliance instead of iptables on
the server.

   I always apply patches when they're distributed. No one's gotten in -- yet
-- in 17 years and I am not concerned, only curious why they keep trying
every day. Except, as you note, it's free.

Rich



More information about the PLUG-talk mailing list