Ralph Katz wrote:
RalphOn 06/10/2007 12:26 PM, David Baron wrote:Someone is trying to ssh on to my system. Trying on several ports. Not the first time, either. Thankfully, he does not have a password. Besides a bunch of Deprecated option ReverseMappingCheck, so far no harm done. Since my logs have this IP number, how do I find out who it is?Other replies address the question, but you could install fail2ban to throttle the attacks from anywhere. fail2ban is a wonderful solution! Ralph What does fail2ban actually do. As my machine is behind an OBSD firewall, would it still be relevant? Cheers A -- "If they can get you asking the wrong questions, they don't have to worry about the answers." - Thomas Pynchon, "Gravity's Rainbow" |