subject:"RE\: repeated ssh login attempts\/failure\/break\-in attempts from kiddy script"

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-04-02 Thread Peter N. M. Hansteen

Nathan Vidican <[EMAIL PROTECTED]> writes: > ie: after 4 failed attempts from IP _BLANK_ in less than _BLANK_ minutes, > deny > all attempts and drop connection from said IP... possible? using pf, this is astoundingly easy, see eg http://www.bgnett.no/~peter/pf/en/bruteforce.html If you go do

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-03-31 Thread J65nko

On 3/31/06, Nathan Vidican <[EMAIL PROTECTED]> wrote: > Noted recently in auth.log, a string of connection attempts repeated/failed > over > and over from one host - looks like a script someone's running, tries all > kinds > of various usernames, etc... attempts like 100-200 logins, fails and goe

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-03-31 Thread Paul Schmehl

--On Friday, March 31, 2006 08:42:30 -0500 Nathan Vidican <[EMAIL PROTECTED]> wrote: Noted recently in auth.log, a string of connection attempts repeated/failed over and over from one host - looks like a script someone's running, tries all kinds of various usernames, etc... attempts like 100-20

RE: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-03-31 Thread fbsd_user

What you are seeing is ssh doing it's job like its designed to do. This is not anything you have to worry about. If you don't want to see these messages in your auth.log then change syslog.conf to only send critical messages to the log. There are a few different ports in the FreeBSD ports collecti

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-03-31 Thread Bob Johnson

On 3/31/06, Nathan Vidican <[EMAIL PROTECTED]> wrote: > Noted recently in auth.log, a string of connection attempts repeated/failed > over > and over from one host - looks like a script someone's running, tries all > kinds > of various usernames, etc... attempts like 100-200 logins, fails and goes

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-03-31 Thread albi

Nathan Vidican wrote: > Noted recently in auth.log, a string of connection attempts > repeated/failed over and over from one host - looks like a script > someone's running, tries all kinds of various usernames, etc... attempts > like 100-200 logins, fails and goes away. > > Few hours go by, and an

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

2006-03-31 Thread Pat Maddox

Disable password-based logins (use keys instead), move SSH to another port, or install some kind of brute force monitor. First two options are the best, but if for some reason you need to keep it on 22 and password-based logins then look to a BF monitor. Just make sure you actually need it..and d

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

RE: repeated ssh login attempts/failure/break-in attempts from kiddy script

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script

7 matches

Site Navigation

Mail list logo

Footer information