fdr-os@corona.imap.cc wrote:
I get gobs of messages like this in /var/log/messages:
Dec 19 14:27:41 shoehorn sshd[11058]: Invalid user manager from 200.222.17.14 Dec 19 14:27:44 shoehorn sshd[11062]: Invalid user majordomo from 200.222.17.14 Dec 19 14:27:54 shoehorn sshd[11070]: Invalid user master from 200.222.17.14 Dec 19 14:28:06 shoehorn sshd[11080]: Invalid user named from 200.222.17.14 Dec 19 14:28:09 shoehorn sshd[11084]: Invalid user nasa from 200.222.17.14 Dec 19 14:28:16 shoehorn sshd[11088]: Invalid user netdump from 200.222.17.14 Dec 19 14:28:36 shoehorn sshd[11100]: Invalid user nfsnobody from 200.222.17.14 Dec 19 14:28:39 shoehorn sshd[11104]: Invalid user operator from 200.222.17.14
... on an older machine, I use fail2ban to look for this kind of harassment and block the IP for some amount of time.
Is there anything to accomplish this for SuSE?
I'm running SuSE 10.1.
hmm, I always limit the allowed IPs in hosts.{deny.allow} and also limit the list of users who can login via ssh in sshd_config - saves a lot of overhead if we just close the door, rather than trying to dance with these folks... Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org