[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bloquer les tentatives connexion ssh

Le Wed, 1 Oct 2008 15:21:17 +0200
steve <dlist@bluewin.ch> a écrit:

> Mais ici il ne
> s'agit pas vraiment de sécurité mais juste de réduire les nuisances dues
> à ces essais sur un port classique. Mais fail2ban fait très bien son
> travail.

À une remarque près, j'utilise ipt_recent et un script faisant à peu près la
même chose mais je fais face à des tentatives venant de 2000 machines
différentes coordonnées entre elles:
..
Failed keyboard-interactive/pam for invalid user tmp from 200.127.112.176 port 45431 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 217.98.80.5 port 48372 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 196.211.228.226 port 42894 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 62.38.242.231 port 62736 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 98.162.246.23 port 39423 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 218.201.201.6 port 45558 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 83.103.70.170 port 14321 ssh2
Failed keyboard-interactive/pam for invalid user tmp from 82.107.18.143 port 49964 ssh2
Failed keyboard-interactive/pam for invalid user temp from 165.228.206.192 port 46860 ssh2
Failed keyboard-interactive/pam for invalid user temp from 201.147.111.94 port 60470 ssh2
Failed keyboard-interactive/pam for invalid user temp from 203.80.236.60 port 50267 ssh2
Failed keyboard-interactive/pam for invalid user temp from 80.118.132.88 port 2028 ssh2
Failed keyboard-interactive/pam for invalid user temp from 89.216.242.73 port 20141 ssh2
Failed keyboard-interactive/pam for invalid user temporary from 194.228.118.57 port 10382 ssh2
Failed keyboard-interactive/pam for invalid user temporary from 92.236.53.54 port 62598 ssh2
Failed keyboard-interactive/pam for invalid user temporary from 60.49.250.58 port 1171 ssh2
Failed keyboard-interactive/pam for invalid user temporary from 121.139.193.67 port 1697 ssh2
Failed keyboard-interactive/pam for invalid user temporary from 216.197.204.76 port 38963 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 70.154.244.35 port 22916 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 81.137.224.38 port 11630 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 217.98.80.5 port 32738 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 217.126.90.161 port 52937 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 200.170.141.134 port 52109 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 213.41.149.160 port 34584 ssh2
Failed keyboard-interactive/pam for invalid user christelle from 92.104.254.121 port 52387 ssh2
Failed keyboard-interactive/pam for invalid user christiane from 190.8.149.130 port 43134 ssh2
Failed keyboard-interactive/pam for invalid user christiane from 201.230.98.131 port 18328 ssh2
Failed keyboard-interactive/pam for invalid user christiane from 212.147.16.232 port 53706 ssh2
Failed keyboard-interactive/pam for invalid user christiane from 213.98.2.49 port 56032 ssh2
Failed keyboard-interactive/pam for invalid user christiane from 196.211.228.226 port 52944 ssh2
Failed keyboard-interactive/pam for invalid user christiane from 200.183.40.66 port 52170 ssh2
Failed keyboard-interactive/pam for invalid user christine from 83.12.137.44 port 42141 ssh2
Failed keyboard-interactive/pam for invalid user christine from 201.155.69.6 port 3497 ssh2
Failed keyboard-interactive/pam for invalid user christine from 145.253.179.228 port 60859 ssh2
...

je ne sais pas comment contourner ça mis à part l'écoute sur un autre port...

François Boisson
Reply to: