Re: Login attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- Original Message ----- From: "Michael Yep" <myep@xxxxxxxxxxxxxx>
To: "For users of Fedora Core releases" <fedora-list@xxxxxxxxxx>
Sent: Tuesday, December 07, 2004 12:24 PM
Subject: Login attacks


Hello

In my LogWatch report I get many login attacks, many from the same IP address.

sshd:
   Authentication Failures:
      root (218.232.109.187): 59 Time(s)
      adm (218.232.109.187): 2 Time(s)
      apache (218.232.109.187): 1 Time(s)
      nobody (218.232.109.187): 1 Time(s)
      operator (218.232.109.187): 1 Time(s)
   Invalid Users:
      Unknown Account: 43 Time(s)

I have permitRootLogin set to NO, and I use strong passwords, but can I just add these IP addresses to hosts.deny?
and if so how would I set that up




I set SSHd to a non standard port way up the chain and changed my firewall rules. No more problems.

Karen
http://scootgirl.com/


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux