Re: failed root login attempts
On 2004.09.19, Noah Meyerhans <noahm@debian.org> wrote:
> If I notice the scan immediately, I will occasionally blackhole the
> source IP at our network border, but it's rare that I notice in time.
That's why I suggested writing something that tail's the syslog and
detects the scan immediately ...
-- Dossy
--
Dossy Shiobara mail: dossy@panoptic.com
Panoptic Computer Network web: http://www.panoptic.com/
"He realized the fastest way to change is to laugh at your own
folly -- then you can let go and quickly move on." (p. 70)
Reply to: