Re: intrusion via ssh

To: debian-user@lists.debian.org
Subject: Re: intrusion via ssh
From: "Todd A. Jacobs" <nospam@codegnome.org>
Date: Thu, 31 Mar 2005 09:02:03 -0800
Message-id: <[🔎] 20050331170203.GE14766@penguin.codegnome.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] dbe71fb505033102556b1dc9d4@mail.gmail.com>
References: <[🔎] dbe71fb505033102556b1dc9d4@mail.gmail.com>

On Thu, Mar 31, 2005 at 12:55:46PM +0200, Frederic Guillet wrote:

> I have about 500 attemps with different usernames and the same IP so i
> guess it is a robot which is trying to enter my system.

Use /etc/hosts.deny to block that IP address. You can also achieve
similar results in the /etc/ssh/sshd_config file. As for whether or no
the session was actually opened, that information is being logged to
/var/log/auth.log by default.

-- 
Find my Techno-Geek Journal at http://www.codegnome.org/geeklog/

Reply to:

Follow-Ups:
- Re: intrusion via ssh
  - From: Frederic Guillet <fguillet@gmail.com>
- Re: intrusion via ssh
  - From: Olaf Conradi <oohlaf@gmail.com>

References:
- intrusion via ssh
  - From: Frederic Guillet <fguillet@gmail.com>

Prev by Date: Re: sarge and webmin
Next by Date: Re: debian logo font
Previous by thread: Re: intrusion via ssh
Next by thread: Re: intrusion via ssh
Index(es):
- Date
- Thread