Ralph Katz wrote:
On 06/10/2007 12:26 PM, David Baron wrote:
Someone is trying to ssh on to my system. Trying on several ports. Not the
first time, either. Thankfully, he does not have a password. Besides a bunch
of Deprecated option ReverseMappingCheck, so far no harm done.
Since my logs have this IP number, how do I find out who it is?
Other replies address the question, but you could install fail2ban to
throttle the attacks from anywhere. fail2ban is a wonderful solution!
Ralph
Ralph
What does fail2ban actually do. As my machine is behind an OBSD
firewall, would it still be relevant?
Cheers
A
--
"If they can get you asking the wrong questions, they don't have to worry about the
answers." - Thomas Pynchon, "Gravity's Rainbow"
