On 11/15/06, Shri Shrikumar <[EMAIL PROTECTED]> wrote:
Hi All,
I have a few servers on which there is a regular penetration attempts
using brute force password guessing bots.
There is little risk to the server but am getting more and more annoyed
by this and as far as I can see am left with two options.
1. Report each ip address that does this. However, a lot of them seems
to be from asia with no proper abuse@ address to contact. Additionally,
this can be very time consuming.
2. Change the port number that ssh uses to something else. This has the
annoyance that I need to pass the new port number in each time I want to
log-in.
3. Ignore the issue. Very annoying since logwatch and logcheck
constantly complain about it. However, I can add filters so it annoys me
less.
Is there a another option? Alternatively, is there a way of
automatically reporting offending ip's?
Hello,
you could try to use denyhosts.
Best regards,
Sergio
--
"Meine Hoffnung soll mich leiten
Durch die Tage ohne Dich
Und die Liebe soll mich tragen
Wenn der Schmerz die Hoffnung bricht"
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
