[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What to do about SSH brute force attempts?

> On Thursday 21 August 2008 11:33:51 Michael Tautschnig wrote:
> > Hi all,
> >
> > since two days (approx.) I'm seeing an extremely high number of apparently
> > coordinated (well, at least they are trying the same list of usernames)
> > brute force attempts from IP addresses spread all over the world. I've got
> > denyhosts and an additional iptables based firewall solution in place to
> > mitigate these since quite some time already and this seems to do the trick
> > in terms of blocking them fairly quickly.
> >
> um, does the attempts include users "Schueler" and "Studentenclub"? 
> I've been getting these attempts from several ips, over several countries, all 
> day long since aug 19. Invalid usernames for my systems, so it's only a 
> log/mail annoyance, but bot-nets always gives me the creep.

Yes it does have these, plus access and adel sometimes. It pretty much feels
like school boys throwing dirt at your house, but in this case one seemingly
can't go outside and yell at the bastards...

Too bad,

Attachment: pgprecENxA4zg.pgp
Description: PGP signature

Reply to: