[Tfug] OT: Reporting Network Abuse?
Robert Hunter
hunter at tfug.org
Sun Jun 24 13:45:19 MST 2007
On 6/24/07, Christopher Robbins <robbinsc at gmail.com> wrote:
> In leaving SSH open, I've noticed a ton of failed login attempts, like
this...
Hi, Chris. Looks like that IP is in China somewhere. Perhaps I am
being pessimistic, but I doubt a report would have any effect. One
very simple thing you could use in order to mitigate these kinds of
break-in attempts -- and it has worked well for me -- is TCP wrappers.
Define who can and cannot connect to services on your box via
/etc/hosts.{allow,deny}, and that should prevent those clowns from
ever getting a login prompt on your box again.
PS. I don't consider this post OT at all.
--
Rob
More information about the tfug
mailing list