[K12OSN] reporting and/or stopping cracking attempts on server

Joseph Bishay joseph.bishay at gmail.com
Thu Mar 17 20:13:15 UTC 2011


Hello,

On Thu, Mar 17, 2011 at 1:27 PM, Carl Keil <carl at snarlnet.com> wrote:
> Hello folks,
>
> For those of you that run servers exposed to the outside world, I just
> wanted to send a ping out and see what others are doing about this.  I'm
> seeing an escalation in what I call "brute force" attacks on my server.
>  Like people trying to SSH in repeatedly from one IP with common sounding
> user names.  Or lots of http requests (I've got web on the same server) for
> ....setup.php or setup.pl etc.  Repeated Auth requests to sendmail.

I run DenyHosts ( http://denyhosts.sourceforge.net/ ) on my servers
and it works very well for dealing with SSH brute force attacks.

Have a good day,
Joseph




More information about the K12OSN mailing list