BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

break-in attempts on my server

Subject: break-in attempts on my server
From: rajiv at alum.mit.edu (Rajiv Aaron Manglani)
Date: Sun, 20 Nov 2005 21:42:01 -0500
In-reply-to: <4380F587.9010702@thekramers.net>
References: <4380F587.9010702@thekramers.net>

> Is there *anything* else I can do?  There's hundreds of these  
> attempts.

i block these attempts on my machine using http://www.sshblack.com/

"The sshblack script is a real-time security tool for secure shell  
(ssh). It monitors *nix log files for suspicious activity and reacts  
appropriately to aggressive attackers by adding them to a "blacklist"  
created using various firewalling tools -- such as iptables --  
available in most modern versions of Unix and Linux. The blacklist is  
simply a list of source IP addresses that are prohibited from making  
ssh connections to the protected host. Once a predetermined amount of  
time has passed, the offending IP address is removed from the  
blacklist."

References:
- break-in attempts on my server
  - From: david at thekramers.net (David Kramer)

Prev by Date: break-in attempts on my server
Next by Date: break-in attempts on my server
Previous by thread: break-in attempts on my server
Next by thread: break-in attempts on my server
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org