Re: [tor-relays] Attacker IP database

2013-08-03 Thread Zimeon
On 3.8.2013 11:17, Nick wrote: Quoth Bryan Carey: Thanks everyone for your input! I already had root access disabled via sshd config. I will look into fail2ban as it sounds like it remedies the problem I'm having. Changing the port sshd runs on has a surprisingly large impact on reducing the num

Re: [tor-relays] Attacker IP database

2013-08-03 Thread Nick
Quoth Bryan Carey: > Thanks everyone for your input! I already had root access disabled via sshd > config. I will look into fail2ban as it sounds like it remedies the problem > I'm having. Changing the port sshd runs on has a surprisingly large impact on reducing the number of these attacks, too.

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Marina Brown
On 08/02/2013 05:44 PM, Andy Isaacson wrote: > On Fri, Aug 02, 2013 at 03:25:10PM -0600, Bryan Carey wrote: >> Thanks everyone for your input! I already had root access >> disabled via sshd config. I will look into fail2ban as it sounds >> like it reme

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Andy Isaacson
On Fri, Aug 02, 2013 at 03:25:10PM -0600, Bryan Carey wrote: > Thanks everyone for your input! I already had root access disabled via sshd > config. I will look into fail2ban as it sounds like it remedies the problem > I'm having. I'm confused, what's the actual problem you're having? Is the prob

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Peter Guhl
Hi On 02.08.2013 21:18, Bryan Carey wrote: > Here are some that I have seen recently trying to brute force common > user accounts and root password attempts: I remember this to be a common phenomenon for at least 15 years now. Done by millions of (probably zombie) computers around the world. Do

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Bryan Carey
Thanks everyone for your input! I already had root access disabled via sshd config. I will look into fail2ban as it sounds like it remedies the problem I'm having. @Nick - I'm talking about attacks directed at the node, not going through it. Thanks, Bryan On Fri, Aug 2, 2013 at 2:04 PM, Marina

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Richard Budd
If you are just talking about regular server hacking attempts, and you are using Debian, then try denyhosts and have it query the denyhosts server every hour or so. It will download a list of known attacking IPs. On Aug 2, 2013 3:41 PM, "Bryan Carey" wrote: > Is there any kind of compiled list

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Marina Brown
On 08/02/2013 03:18 PM, Bryan Carey wrote: > Is there any kind of compiled list of IPs that relay operators can > refer to that are known bad IPs (sources of brute force SSH > attempts, etc.)? Is there a reason to NOT block (drop) traffic from > these

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Nick
Quoth Bryan Carey: > Is there any kind of compiled list of IPs that relay operators can refer to > that are known bad IPs (sources of brute force SSH attempts, etc.)? Is > there a reason to NOT block (drop) traffic from these IPs? Quite possibly I'm being stupid, but wouldn't these IPs just be ot

Re: [tor-relays] Attacker IP database

2013-08-02 Thread Tom McLoughlin
I wouldn't think such a database would exist because of the way Tor works. Regards, Tom McLoughlin On 02/08/2013 20:18, Bryan Carey wrote: > Is there any kind of compiled list of IPs that relay operators can > refer to that are known bad IPs (sources of brute force SSH > attempts, etc.)? Is there

[tor-relays] Attacker IP database

2013-08-02 Thread Bryan Carey
Is there any kind of compiled list of IPs that relay operators can refer to that are known bad IPs (sources of brute force SSH attempts, etc.)? Is there a reason to NOT block (drop) traffic from these IPs? Here are some that I have seen recently trying to brute force common user accounts and root