I have seen this too alot. Im suprised to see so many with the problem. Im still somewhat a linux noob, anyone have any sites or links to info to eliminate passwords and use keys??? Or other suggestions? I have to use ssh, its how I run server. But id like to read up on some security fixes.
----- Original Message ----- From: "Jon Langevin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, August 29, 2004 7:55 PM Subject: RE: [hlds_linux] [OT] Large Number of SSH attacks...
How about just blocking all asian ip blocks? Heh.
From: Brad Schulteis <[EMAIL PROTECTED]> To: HLDS <[EMAIL PROTECTED]> Date: Sun, 29 Aug 2004 19:40:40 -0500 Subject: [hlds_linux] [OT] Large Number of SSH attacks... Reply-To: [EMAIL PROTECTED]
Anyone else experiencing an influx of attempted SSH breakins on nonstandard ports (30,000 and up) with users: ROOT, TEST, and GUEST originating from Asia? My logs for yesterday show 130 attempts. 1/3 from 210.205.6.157 (Korea), 1/3 from 202.133.104.27 (Malaysia) and 1/3 from 218.21.129.105 (China). This was higher than normal, but every day for about 2 weeks now, I have had such attempts. I'm a bit scared. It's a different IP each time, and usually a different subnet, so it seems to be quite distributed. I think I will probably have to change my passwords to random strings of characters soon to avoid a brute force attack. Any comments or suggestions would be appreciated.
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux

