Security Basics mailing list archives
Re: what to do?
From: Barrie Dempster <barrie () reboot-robot net>
Date: Sat, 27 Aug 2005 11:50:06 +0100
On Thu, 2005-08-25 at 00:30 -0700, Bill Smith wrote:
Hi Guys, I noticed that someone is trying to hacker into my machine. Please see below is the content of /var/log/security. what I would like some advice of you guys is, what will I do with these people? btw, I do have FW
Automated SSH scans that have been happening for a while. If you aren't getting them then your SSH server isn't working :-P . There are a few ways to stop them cluttering up your logs, simplest is to put SSH on a port other than 22, as these are not often targeted scans - they are blanket scans. Another effective technique is to drop any IP's that appear to be brute forcing you , eg... http://www.debian-administration.org/articles/187 Generally this is nothing to worry about if you have decent passwords on your user accounts, but the log clutter can be a nuisance. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
Attachment:
smime.p7s
Description:
Current thread:
- Re: what to do?, (continued)
- Re: what to do? Alexander Bolante (Aug 29)
- Re: what to do? Robert Escue (Aug 29)
- Re: what to do? Bow Sineath (Aug 29)
- Re: what to do? Leif Ericksen (Aug 31)
- Re: what to do? Duncan (Aug 29)
- Re: what to do? Jonathan Loh (Aug 29)
- RE: what to do? Eduardo Suzuki (Aug 30)
- Re: what to do? morph84 (Aug 29)
- Re: what to do? cam (Aug 30)
- Re: what to do? zp (Aug 30)
- Re: what to do? cam (Aug 30)
- Re: what to do? Barrie Dempster (Aug 29)
- Re: what to do? paavan shah (Aug 29)
- Re: what to do? Alexander Klimov (Aug 30)
- Re: what to do? Anthony J Placilla (Aug 30)
- RE: what to do? Mehmet Buyukozer (Aug 31)
- RE: what to do? Rochford, Paul (BOI Compliance) (Aug 30)
- RE: what to do? Shane Singh (Aug 30)
- Re: what to do? Steve.Cummings (Aug 30)
- RE: what to do? Shane Singh (Aug 31)
- Re: what to do? zp (Aug 31)