break-in attempts on my server
David Kramer
david at thekramers.net
Sun Nov 20 18:54:44 EST 2005
Kent Borg wrote:
> On Sun, Nov 20, 2005 at 05:15:35PM -0500, David Kramer wrote:
>>Is there *anything* else I can do? There's hundreds of these attempts.
>
> If you have good passwords, they won't get in. I get tons of attempts
> most days and I don't worry about them.
I do. Not terribly worried about dictionary attacks.
> If you want to slow them down I have seen suggestions to have your
> iptables automatically blackhole the IP address of anyone who tries
> too many times to login and fails. The blackhole expires after a time
> so you don't collect a bunch of dynamic IP addresses that are later
> innocent.
>
> I haven't tried it myself, but take a look at one example
> https://www.redhat.com/archives/fedora-list/2005-May/msg01323.html
>
That's a lot more iptables-fu than I have right now, and I absolutely refuse
to install iptables rules I don't understand just because "I found them on
the internets". I will attempt to understand them, though. Thanks.
Any attack I've ever seen on my server either comed from an Asian country,
or a dynamic IP address, so I'm not sure it's worth the effort.
Thanks.
--
DDDD David Kramer david at thekramers.net http://thekramers.net
DK KD
DKK D War- the first resort of the unimaginative
DK KD
DDDD
More information about the Discuss
mailing list