How about just blocking all asian ip blocks? Heh.


From: Brad Schulteis <[EMAIL PROTECTED]>
To: HLDS <[EMAIL PROTECTED]>
Date: Sun, 29 Aug 2004 19:40:40 -0500
Subject: [hlds_linux] [OT] Large Number of SSH attacks...
Reply-To: [EMAIL PROTECTED]

Anyone else experiencing an influx of attempted SSH breakins on
nonstandard ports (30,000 and up) with users: ROOT, TEST, and GUEST
originating from Asia? My logs for yesterday show 130 attempts. 1/3 from
210.205.6.157 (Korea), 1/3 from 202.133.104.27 (Malaysia) and 1/3 from
218.21.129.105 (China). This was higher than normal, but every day for
about 2 weeks now, I have had such attempts. I'm a bit scared. It's a
different IP each time, and usually a different subnet, so it seems to
be quite distributed. I think I will probably have to change my
passwords to random strings of characters soon to avoid a brute force
attack. Any comments or suggestions would be appreciated.


_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux

Reply via email to