[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Login attacks

Gene Heskett wrote:
On Tuesday 07 December 2004 17:46, Gerry Doris wrote:

On Tue, 2004-12-07 at 15:24, Michael Yep wrote:


In my LogWatch report I get many login attacks, many from the same
IP address.

   Authentication Failures:
      root ( 59 Time(s)
      adm ( 2 Time(s)
      apache ( 1 Time(s)
      nobody ( 1 Time(s)
      operator ( 1 Time(s)
   Invalid Users:
      Unknown Account: 43 Time(s)

I have permitRootLogin set to NO, and I use strong passwords, but
can I just add these IP addresses to hosts.deny?
and if so how would I set that up

Michael Yep
Development / Technical Operations
RemoteLink, Inc.

I had so many problems with the domain that I totally blocked the entire domain. I believe this domain is in Korea.

Gerry Doris <gdoris rogers com>

Another that bears blocking completely is as its 100%
spam of the non-edible variety.  Ditto for

Anybody else have any more to contribute?

Whoa, buddy. The entire is NOT a spam source. We have a /19 in that space and we're not spammers. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens vitalstream com - - VitalStream, Inc. http://www.vitalstream.com - - - - Brain: The organ with which we think that we think. - ----------------------------------------------------------------------

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]