How can I block IP address range with sshd_config
Brad Smith
usernamenumber at gmail.com
Tue Jul 27 21:35:36 UTC 2004
On Tue, 27 Jul 2004 16:21:51 -0500, James Marcinek
<jmarc1 at jemconsult.biz> wrote:
> I recently had the same issue. I could you give an example of a reject rule.
> This is the IP address that was used: 210.99.38.200 They tried to use the same
> non-existent account. Is there some exploit out there or are they just trying to
> get into a system that is not secured well?
I'm wondering the same thing. I had a couple of attempts last night
from 12.181.128.5. Given the fact that it seems to be coming from
multiple systems I'm guessing it's either a worm or a script kiddie
who's managed to find some vulnerable systems and then keeps trying
the same trick ad infinitum.
I did a whois on the source IP and sent an email about the problem to
the admin contact. It might not do anything but it can't hurt.
--Brad
More information about the fedora-list
mailing list