BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

break-in attempts on my server

Subject: break-in attempts on my server
From: kentborg at borg.org (Kent Borg)
Date: Sun, 20 Nov 2005 17:44:09 -0500
In-reply-to: <4380F587.9010702@thekramers.net>; from david@thekramers.net on Sun, Nov 20, 2005 at 05:15:35PM -0500
References: <4380F587.9010702@thekramers.net>

On Sun, Nov 20, 2005 at 05:15:35PM -0500, David Kramer wrote:
> Is there *anything* else I can do?  There's hundreds of these attempts.

If you have good passwords, they won't get in.  I get tons of attempts
most days and I don't worry about them.

If you want to slow them down I have seen suggestions to have your
iptables automatically blackhole the IP address of anyone who tries
too many times to login and fails.  The blackhole expires after a time
so you don't collect a bunch of dynamic IP addresses that are later
innocent.

I haven't tried it myself, but take a look at one example
https://www.redhat.com/archives/fedora-list/2005-May/msg01323.html

Let us know how it turns out.


-kb

Follow-Ups:
- break-in attempts on my server
  - From: colet at code-energy.com (Cole Tuininga)
- break-in attempts on my server
  - From: david at thekramers.net (David Kramer)
- break-in attempts on my server
  - From: dsr at tao.merseine.nu (dsr at tao.merseine.nu)

References:
- break-in attempts on my server
  - From: david at thekramers.net (David Kramer)

Prev by Date: break-in attempts on my server
Next by Date: break-in attempts on my server
Previous by thread: break-in attempts on my server
Next by thread: break-in attempts on my server
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org