|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Increase in SSH break-in attempts?
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mike Leone wrote:
>Anybody else noticing an increase lately, in the number of break-in attempts
>via SSH? I'm seeing more and more things like this, over the last few weeks:
Yeah, since around October of 2004. I have a copy of the script
somewhere that I found on an advisory site when I was researching the
issue. It started out just polling for about 4-5 common users.
Apparently what you have is an expanded user list. Sad thing is this
script has apparently been working, hence its popularity.
I never worried as long as I never allowed root to log in via SSH, and
as long as I had a unique uid and a strong password. But for users on
larger systems, that may not be an option.
I finally got sick of the logs and moved my SSH listen port to some
high numbered port and my logs have cleaned up 100%. For me it was
well worth the inconvenience of having to use an alternative port. YMMV.
Cheers,
Dave
- --
David Kaplowitz
UNIT Unix Systems group
Villanova University
610-519-6896
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCbl4A0nMoCk4O+jkRAiNuAJ9fT5wxEDxhkWVX1mJOHWA7bNr9dwCfVBi7
/VzfIf05egPVgOT7f7AtFBc=
=Bq/T
-----END PGP SIGNATURE-----
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|