[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What to do about SSH brute force attempts?

On Thursday 21 August 2008 16:57:27 Max Zimmermann wrote:

> The problem with reporting the IPs is, that it can become a very big
> task, as the number of IPs denyhosts blocks increases.

You can always write a script that will send an email after every SSH 
bruteforce attack to a mail address from whois database. That way you don't 
have to do it manually, and still you can do some good deed if someone has a 
server that's broken into, and is not (yet) aware of that.

|    Jakov Sosic    |    ICQ: 28410271    |   PGP: 0x965CAE2D   |
| start fighting cancer -> http://www.worldcommunitygrid.org/   |

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: