> Of the systems that run Linux, how many of you have them directly > accessible to the Internet?
A lot of them, I am working for an ISP. > As all of you know, I run Slackware Linux here, for Intel, practically > every day the system is on, I see people attempting to access the > system via SSH from unknown, to it, IP addresses. > > Are any of you seeing these happen? And what are you doing to prevent > such access? That is a normal behavior if you have password authentification enabled. If you disable it and configure SSH to usr key authentification, the attackers get a message that they can't login via username/password. Sometime they even try to brut-force the root account. We had that at some old customers firewalls, which had passwort auth enable. After disabling it, the attacks stoped from one second to an other. > ------------------- > Gregg C Levine [EMAIL PROTECTED] > ------------------------------------------------------------ > "The Force will be with you...Always." Obi-Wan Kenobi > "Use the Force, Luke."� Obi-Wan Kenobi -- Mit freundlichen Gruessen / with kind regards Daniel Weuthen ------------------------------------------------------------------- in a world without walls and fences, who needs windows and gates ------------------------------------------------------------------- Megabit Informationstechnik GmbH Karstr.25 41068 Moenchengladbach Tel: 02161/308980 mailto:[EMAIL PROTECTED] ftp://megabit.net Fax: 02161/3089818 mailto:[EMAIL PROTECTED] http://megabit.net ------------------------------------------------------------------- ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
pgpWUilLw7L5B.pgp
Description: PGP signature
