Re: How we handle attacks?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I guess you are talking about ssh access?

Most of these logins are automated bot attempts. On my personal servers, one easy way I have found is changing the default port to something else and that cuts down my lastb by almost 99%!


On Thu, Oct 3, 2013 at 5:50 PM, Miroslav Suchý <msuchy@xxxxxxxxxx> wrote:
I see in log file of copr-fe-dev a lot of attempts to login as root/postgres/nagios/oracl/test user. Well it is ~4000 attempts. So it depend on your definition of "lot of". But it caught my attention.

Do we have some standard procedure how to handle it? Add that IPs to blacklist? Move ssh port to non standard number? Or should I just ignore them?
--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Software Engineer, #brno, #devexp, #fedora-buildsys
_______________________________________________
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux