How about just blocking all asian ip blocks? Heh.
From: Brad Schulteis <[EMAIL PROTECTED]> To: HLDS <[EMAIL PROTECTED]> Date: Sun, 29 Aug 2004 19:40:40 -0500 Subject: [hlds_linux] [OT] Large Number of SSH attacks... Reply-To: [EMAIL PROTECTED] Anyone else experiencing an influx of attempted SSH breakins on nonstandard ports (30,000 and up) with users: ROOT, TEST, and GUEST originating from Asia? My logs for yesterday show 130 attempts. 1/3 from 210.205.6.157 (Korea), 1/3 from 202.133.104.27 (Malaysia) and 1/3 from 218.21.129.105 (China). This was higher than normal, but every day for about 2 weeks now, I have had such attempts. I'm a bit scared. It's a different IP each time, and usually a different subnet, so it seems to be quite distributed. I think I will probably have to change my passwords to random strings of characters soon to avoid a brute force attack. Any comments or suggestions would be appreciated. _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux

