Mailinglist Archive: opensuse (1570 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
On Sat, 2009-10-03 at 23:34 +0200, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On Saturday, 2009-10-03 at 16:19 -0400, Chuck Payne wrote:

Guys, I have a script that been storing all the ssh attacks for over
the last 6 months if anyone one like a dump of it, I more than happy
to share it. It got about 1000+ ip in it.

Well, that's useful if the IPs are static, but not if the bots are on
dymaic addresses. Plus, six months is a lot of time, those machines could
have been "repaired" since.


You want to block them altogether?
Think again, if they came from a dynamic address, you'll block the next
owner as well.

Just block passwords all together, it doesn't claim any resources at
your side (In contrast of scrutinysing that number of addresses), and
don't have to analyse your logfiles for ssh-attacks, as there wont be
any anymore.

hw
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >