On Wednesday 19 September 2007, Brian Foddy wrote: > On Wednesday 19 September 2007, Niko wrote: > > Out of topic, but for your information if you don't already know about > > it, there's a nice tool to get rid of from ssh attacks (cpu effects, > > inconvenience, ...), it's fail2ban (http://www.fail2ban.org). > > > > Quick and easy to setup. > > I've used sshblack for many months, before I joined the pool. It > too I find easy to setup and very stable. I've seen a noticeable > increase in hack attempts since joining the pool, guess that is > only to be expected. > > However, someone caught in my web goes into the penalty box for > 15 days firewall dropping ALL packets (not just ssh connect requests) from > that IP. No more ntp for them... > 24 addresses and counting (2-4 per day on average). One extra > special ip address, who has tried to hack in 5 consecutive times, > gets special stop on the permanent honor roll. > > > And on some occasions, especially US IP addresses, I send their ISP > an abuse email. > > Brian > _______________________________________________
Correction -- 25, while I was typing the previous note, some bozo from San Diego tried also. Brian _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
