On Fri, 13 Jan 2006 11:38, Phill Coxon wrote: > I just jumped into the command line and noticed kernel messages for > failed ssh2 login attempts for bogus users. > > Checking my logs it turns out that someone has been trying to hack into > my ADSL connected computer since the 9th with a brute force script > trying different usernames and passwords.
I have noticed this a few times as well. > (3) Recommended strategies for dealing with break in attempts like this? > Ban the IPs for a while? I use iptables to drop all traffic from those host. iptables -A input -s <their ip> -j drop > Thanks! I am looking for a way to automate it though. Later Lee
pgpOEw9wjBmgh.pgp
Description: PGP signature
