|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Increase in SSH break-in attempts?
|
Quoting Mike Leone <turgon@mike-leone.com>:
> Anybody else noticing an increase lately, in the number of break-in
> attempts
> via SSH? I'm seeing more and more things like this, over the last few
> weeks:
[...]
> > Apr 26 09:46:37 mail sshd[23206]: Failed password for illegal user
> jordan from 72.21.36.122 port 57322 ssh2
> > Apr 26 09:46:39 mail sshd[23208]: Failed password for illegal user
> michael from 72.21.36.122 port 57420 ssh2
I saw something like this on my home system about two months back, with
a similarly inane list of usernames...definitely scripty/wormy activity.
When I noticed, I disabled password authentication for ssh...I use key-
based auth for the most part, anyway.
I've been meaning to play around with port knocking. Any thoughts
from folks who've experimented with it or are using it now?
pls
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|