[Tfug] OT: Reporting Network Abuse?
Christopher Robbins
robbinsc at gmail.com
Sun Jun 24 13:59:48 MST 2007
On 6/24/07, Robert Hunter <hunter at tfug.org> wrote:
>
> On 6/24/07, Christopher Robbins <robbinsc at gmail.com> wrote:
> > In leaving SSH open, I've noticed a ton of failed login attempts, like
> this...
>
> Hi, Chris. Looks like that IP is in China somewhere. Perhaps I am
> being pessimistic, but I doubt a report would have any effect.
I figured it'd be hard to get help. And I assume that most of the big time
ISPs are loathe to contact their users to clean up their machines.
One
> very simple thing you could use in order to mitigate these kinds of
> break-in attempts -- and it has worked well for me -- is TCP wrappers.
> Define who can and cannot connect to services on your box via
> /etc/hosts.{allow,deny}, and that should prevent those clowns from
> ever getting a login prompt on your box again.
I've changed sshd to allow only my username to access the box. I like your
idea as well - something fun and geeky on a Sunday afternoon...
PS. I don't consider this post OT at all.
Eh, wasn't quite sure. Better safe than sorry :)
Thanks for the help.
- Chris
--
Chris Robbins
Systems Programmer
Department of English - University of Arizona
http://www.homerengineeringcorp.net
More information about the tfug
mailing list