Re: How can I block IP address range with sshd_config

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 27 Jul 2004 16:21:51 -0500, James Marcinek
<jmarc1@xxxxxxxxxxxxxx> wrote:
> I recently had the same issue. I could you give an example of a reject rule.
> This is the IP address that was used: 210.99.38.200 They tried to use the same
> non-existent account. Is there some exploit out there or are they just trying to
> get into a system that is not secured well?

I'm wondering the same thing. I had a couple of attempts last night
from 12.181.128.5. Given the fact that it seems to be coming from
multiple systems I'm guessing it's either a worm or a script kiddie
who's managed to find some vulnerable systems and then keeps trying
the same trick ad infinitum.

I did a whois on the source IP and sent an email about the problem to
the admin contact. It might not do anything but it can't hurt.

--Brad



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux