On Fri, 2005-11-04 at 12:48 +0100, Rakotomandimby Mihamina wrote: > > recently, i can see ofthen brute force attacks in my ssh logfile. > > A friend of mine, who has the same ISP gets the same bruteforce attacks. > > What would be an adequate reaction to repeated ssh bruteforce attacks? > > Nothing. In fact, I manage some servers, and I get millions of these > kind of attacks. If someone should take care of them, it would be a huge > work. It's just like spam, just drop. OpenSSH is reliable enough ;-).
That's exactly what I was doing; then my log partition filled up. I wrote a little shell script cron job that detects new ones and adds the IP to the firewall's BadGuys chain for a couple days. -- Glenn English [EMAIL PROTECTED] GPG ID: D0D7FF20 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
