Steven Buehler wrote:
>
> On Jul 15, 2005, at 11:26 AM, John Pugh wrote:
>
>> FYI...most of these "attacks" come from already hacked
>> computers so retaliation might be directed towards the wrong people.
>
>
> The is also the possibility that the attacking computer has a forged IP
> or is doing so through a proxy.
I had these a couple of weeks ago and looked into it. It is probably
someone's rooted box running an SSH brute force cracker.
I don't know how effective it would be to try to contact the ISPs where
these are originating, but it couldn't hurt. However, the attacks will
keep coming so what I did is changed the default port for sshd. That
alone stopped it. To be a little extra safe you can also disable root
logins.
-- Josh Bowers, Web Developer <josh@gargoylesolutions.com> http://www.gargoylesolutions.com P: 863.248.1621 F: 863.248.1627 ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:45:53 EDT