[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Login attacks



----- Original Message ----- From: "Michael Yep" <myep remotelink com>
To: "For users of Fedora Core releases" <fedora-list redhat com>
Sent: Tuesday, December 07, 2004 12:24 PM
Subject: Login attacks



Hello

In my LogWatch report I get many login attacks, many from the same IP address.

sshd:
   Authentication Failures:
      root (218.232.109.187): 59 Time(s)
      adm (218.232.109.187): 2 Time(s)
      apache (218.232.109.187): 1 Time(s)
      nobody (218.232.109.187): 1 Time(s)
      operator (218.232.109.187): 1 Time(s)
   Invalid Users:
      Unknown Account: 43 Time(s)

I have permitRootLogin set to NO, and I use strong passwords, but can I just add these IP addresses to hosts.deny?
and if so how would I set that up





I set SSHd to a non standard port way up the chain and changed my firewall rules. No more problems.


Karen
http://scootgirl.com/




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]