One other method I have sucessfully used / am using is to change the port number
of the service being attacked. If we are talking about ssh this can be done in
the /etc/ssh/sshd_config file by changing / adding a Port xxxx line to the file.
I hope this helps you it has drastically decreased the number of people trying
to break down my front door.
--Jeff Means
MeansPC - Custom Web Development for your needs.
CentOS mailing list <centos@xxxxxxxxxx> wrote:
> On Sun, 2005-08-21 at 17:03 -0500, Jerry Geis wrote:
> > I have quite a few entries in /var/log/messages for connection attempts.
> > Is there anything other
> > than ignoring them I can do? Example is below.
> >
>
> There are a number of scripts (some Perl, some Python) out there to
> monitor the log and add an entry in hosts.deny to block any further
> attempts from the offending IP when too many failed password attempts
> are noted. You can find them with some "googling".
>
> I am using a modified one to stop these breakin attempts on my servers.
>
> > Aug 21 15:48:19 machine sshd(pam_unix)[17903]: check pass; user unknown
> > Aug 21 15:48:19 machine sshd(pam_unix)[17903]: authentication failure;
> > logname= uid=0 euid=0 tty=ssh ruser=
> > rhost=wsip-24-234-149-156.lv.lv.cox.net
> >
> > THanks,
> >
> > Jerry
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > http://lists.centos.org/mailman/listinfo/centos
> --
> Rich Huff <rich@xxxxxxxxxxxx>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
--
--
Jeffrey D. Means meaje@xxxxxxxxxxx
Owner / CIO for MeansPC http://www.meanspc.com/
Custom Web Development For Your Needs. (970)308-1298
- The stupidity of a stupid person is exercised in a restricted
field; the stupidity of an intelligent individual has a much broader
diffusion, and far greater effect, aided as it is by the element
of surprise.
