subscribe to -chat
> >>> just to post there... Someone is currently running a distributed SSH
> >>> attack against one of my boxes - one attempted login for root every
> >>> minute or so for the last 48 hours. They wont get anywhere, since the
> >>&
On 04/16/2010 05:18, krad wrote:
> On 16 April 2010 09:39, David Xu wrote:
>
>> Jeremy Lea wrote:
>>
>>> Hi,
>>>
>>> This is off topic to this list, but I dont want to subscribe to -chat
>>> just to post there... Someone is currently runnin
On 16 April 2010 09:39, David Xu wrote:
> Jeremy Lea wrote:
>
>> Hi,
>>
>> This is off topic to this list, but I dont want to subscribe to -chat
>> just to post there... Someone is currently running a distributed SSH
>> attack against one of my boxes
Jeremy Lea wrote:
Hi,
This is off topic to this list, but I dont want to subscribe to -chat
just to post there... Someone is currently running a distributed SSH
attack against one of my boxes - one attempted login for root every
minute or so for the last 48 hours. They wont get anywhere
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi, Anderesen,
Andresen, Jason R. wrote:
[...]
>> Believe it or not, I find this pf.conf rule very effective to mitigate
>> this type of distributed SSH botnet attack:
>>
>> block in quick proto tcp from any os "Linux" to any port ssh
>
> How does th
>-Original Message-
>From: owner-freebsd-hack...@freebsd.org [mailto:owner-freebsd-
>hack...@freebsd.org] On Behalf Of Xin LI
>Sent: Sunday, October 04, 2009 4:35 AM
>To: Daniel O'Connor
>Cc: jruoho...@iki.fi; freebsd-hackers@freebsd.org; krad
>Subject:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniel O'Connor wrote:
> On Sat, 3 Oct 2009, krad wrote:
>> simplest this to do is disable password auth, and use key based.
>
> Your logs are still full of crap though.
>
> I find sshguard works well, and I am fairly sure you couldn't spoof a
> val
On Sat, 3 Oct 2009, krad wrote:
> simplest this to do is disable password auth, and use key based.
Your logs are still full of crap though.
I find sshguard works well, and I am fairly sure you couldn't spoof a
valid TCP connection through pf sanitising so it would be difficult
(nigh-impossible?
2009/10/3 Jukka Ruohonen
> On Fri, Oct 02, 2009 at 05:17:59PM -0400, Greg Larkin wrote:
> > You could set up DenyHosts and contribute to the pool of IPs that are
> > attempting SSH logins on the Net:
> > http://denyhosts.sourceforge.net/faq.html#4_0
>
> While I am well aware that a lot of people
Hi,
On 3 Oct 2009, at 09:13, Jukka Ruohonen wrote:
While I am well aware that a lot of people use DenyHosts or some
equivalent
tool, I've always been somewhat skeptical about these tools. Few
issues:
1. Firewalls should generally be as static as is possible. There is
a reason
why high
On Fri, Oct 02, 2009 at 05:17:59PM -0400, Greg Larkin wrote:
> You could set up DenyHosts and contribute to the pool of IPs that are
> attempting SSH logins on the Net:
> http://denyhosts.sourceforge.net/faq.html#4_0
While I am well aware that a lot of people use DenyHosts or some equivalent
tool,
ntly running a distributed SSH
> attack against one of my boxes - one attempted login for root every
> minute or so for the last 48 hours. They wont get anywhere, since the
> box in question has no root password, and doesn't allow root logins via
> SSH anyway...
>
> Bu
Greg Larkin wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jeremy Lea wrote:
Hi,
This is off topic to this list, but I dont want to subscribe to -chat
just to post there... Someone is currently running a distributed SSH
attack against one of my boxes - one attempted login for root
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jeremy Lea wrote:
> Hi,
>
> This is off topic to this list, but I dont want to subscribe to -chat
> just to post there... Someone is currently running a distributed SSH
> attack against one of my boxes - one attempted login for root
Hi,
This is off topic to this list, but I dont want to subscribe to -chat
just to post there... Someone is currently running a distributed SSH
attack against one of my boxes - one attempted login for root every
minute or so for the last 48 hours. They wont get anywhere, since the
box in
15 matches
Mail list logo
