[EMAIL PROTECTED] wrote:
I get gobs of messages like this in /var/log/messages:
Dec 19 14:27:41 shoehorn sshd[11058]: Invalid user manager from
200.222.17.14
Dec 19 14:27:44 shoehorn sshd[11062]: Invalid user majordomo from
200.222.17.14
Dec 19 14:27:54 shoehorn sshd[11070]: Invalid user master from
200.222.17.14
Dec 19 14:28:06 shoehorn sshd[11080]: Invalid user named from
200.222.17.14
Dec 19 14:28:09 shoehorn sshd[11084]: Invalid user nasa from
200.222.17.14
Dec 19 14:28:16 shoehorn sshd[11088]: Invalid user netdump from
200.222.17.14
Dec 19 14:28:36 shoehorn sshd[11100]: Invalid user nfsnobody from
200.222.17.14
Dec 19 14:28:39 shoehorn sshd[11104]: Invalid user operator from
200.222.17.14
... on an older machine, I use fail2ban to look for this kind of
harassment and block the IP for some amount of time.
Is there anything to accomplish this for SuSE?
I'm running SuSE 10.1.
hmm, I always limit the allowed IPs in hosts.{deny.allow} and also limit
the list of users who can login via ssh in sshd_config - saves a lot of
overhead if we just close the door, rather than trying to dance with
these folks...
Joe
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
