SSH hank attempts… bad?

Tue, 11 Apr 2006 19:56:08 -0700

My server can get up ~12,000 [1] failed log in attempts recorded in my server's logs in one day. How much of a concern should this be? I am aware of restricting shell access to certain IPs. Will that restrict the handshake or will I still see the attempts in my logs? Are there any ways to restrict the attempts? 


[1] Generally, ~3-20 on against standard system accounts (root, news,  
squid, apache, etc), ~5,000 against unknown, and ~12,000 against  
"unmated entries."



Wade Preston Shearer





Attachment:
smime.p7s

Description: S/MIME cryptographic signature


/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/





















					Reply via email to