break-in attempts on my server
Kent Borg
kentborg at borg.org
Sun Nov 20 17:44:09 EST 2005
On Sun, Nov 20, 2005 at 05:15:35PM -0500, David Kramer wrote:
> Is there *anything* else I can do? There's hundreds of these attempts.
If you have good passwords, they won't get in. I get tons of attempts
most days and I don't worry about them.
If you want to slow them down I have seen suggestions to have your
iptables automatically blackhole the IP address of anyone who tries
too many times to login and fails. The blackhole expires after a time
so you don't collect a bunch of dynamic IP addresses that are later
innocent.
I haven't tried it myself, but take a look at one example
https://www.redhat.com/archives/fedora-list/2005-May/msg01323.html
Let us know how it turns out.
-kb
More information about the Discuss
mailing list