[nobody@localhost: DenyHosts Report]
Christopher Schmidt
crschmidt at crschmidt.net
Tue Dec 20 00:53:00 EST 2005
With all this talk about DenyHosts, I looked in my ssh log and saw
several thousands of attempts at root logins from some Taiwanese IP last
week. As a result, I took the time to install DenyHosts: I figured it'd
be worth it, and right off the bat it blocked an attacking IP.
Great idea, until about 15 minutes ago, when I got this email:
> From: DenyHosts <nobody at localhost>
> To: crschmidt at crschmidt.net
> Date: Tue, 20 Dec 2005 00:32:16 -0500
> Subject: DenyHosts Report
>
> Added the following hosts to /etc/hosts.deny:
>
> commune.crschmidt.net
Okay, so chances are extremely good that I could fix this with better
settings, but for now I've shut down the denyhosts daemon until I can
figure out what I did wrong. I do see 3 failed password attempts in the
last 1000 lines of auth.log, but with 3 of us at the house regularly
using SSH, that's not out of the question.
And I certainly don't want to wake up in the morning and find out that
my ssh access is blocked :)
--
Christopher Schmidt
Web Developer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20051220/d36661f8/attachment.bin
More information about the gnhlug-discuss
mailing list