Hello people, I guess all servers with ssh enable on default port has problems with brute force.. and isn't different on my server :)
And after a lot of failed tries my "system.log" gets corrupted.. like: [EMAIL PROTECTED] ~]# tail -n3 /var/log/system.log Aug 30 15:44:22 bzrouter01 sshd[58326]: Invalid user guest from 200.128.80.174 Aug 30 15:44:22 bzrouter01 sshd[58326]: Failed password for invalid user guest from 200.128.80.174 port 56056 ssh2 Aug 30 15:44:22 bzrouter01 sshd[58328]: Invalid user master from 200.128.CLOG?S|[EMAIL PROTECTED] ~]# I've two questions: 1) There are a simple way to detect and block brute force? I ready in some place to use snort... and I've installed and I guess is configured correctly, but doesn't block anyone. 2) Is normal this error on "system.log"? Thanks in advance Igor Macedo --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
