On Sat, 2009-10-03 at 23:34 +0200, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Saturday, 2009-10-03 at 16:19 -0400, Chuck Payne wrote:
Guys, I have a script that been storing all the ssh attacks for over the last 6 months if anyone one like a dump of it, I more than happy to share it. It got about 1000+ ip in it.
Well, that's useful if the IPs are static, but not if the bots are on dymaic addresses. Plus, six months is a lot of time, those machines could have been "repaired" since.
You want to block them altogether? Think again, if they came from a dynamic address, you'll block the next owner as well. Just block passwords all together, it doesn't claim any resources at your side (In contrast of scrutinysing that number of addresses), and don't have to analyse your logfiles for ssh-attacks, as there wont be any anymore. hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org