I was reading through the Logwatch emails this morning (I know, I know, nobody is supposed to actually _read_ that stuff :D ), and I noticed ssh brute force attempts on just about every machine. I thought it'd be worth getting some discussion going regarding mitigating that. One example:
...[snip]... Illegal users from: 71.43.151.229 (rrcs-71-43-151-229.se.biz.rr.com): 423 times ...[snip]... I don't know what (or if) any discussion has happened in the past regarding this issue, but I always try to use denyhosts (or similar) on my public-facing machines. Is this something that we want to look into? Has it been discussed before? Pros? Cons? If the team is open to the idea I'd be happy to put it on my list. -- Christer Edwards _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
