[PLUG] Break in attempt?
Rich Burroughs
rich at richburroughs.com
Mon Mar 12 22:50:31 UTC 2012
On Sun, Feb 19, 2012 at 10:01 AM, Rich Shepard <rshepard at appl-ecosys.com> wrote:
> On Sun, 19 Feb 2012, Denis Heidtmann wrote:
>
>> Does this imply that the login attempt message I received was of a
>> different sort of attack?
>
> Denis,
>
> _I_ don't think so. What's most important is that every attempt to crack
> into your system/network via ssh fails. We can no more eliminate these
> attempts than we can eliminate spam.
It depends some on what your access needs are. If you don't need your
server to be able to accept SSH connections from the entire Internet,
you can at least cut them way down.
I have seen this script at work:
http://denyhosts.sourceforge.net/
It allows you to block IPs that make failed SSH login attempts. There
are other scripts out there that do similar things.
Rich
More information about the PLUG
mailing list