Re: SSH attacks from china

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sun, Jul 26, 2009 at 4:31 PM, Kai Schaetzl<maillists@xxxxxxxxxxxxx> wrote:
> Sorin Srbu wrote on Sat, 25 Jul 2009 19:40:28 +0200:
>
>> What if you have legit users from China and Korea trying to connect to your
>> server(s)?
>
> What if he does not? See, you always use the solution that fits you and your
> setup/environment/needs.
>
> Kai

Indeed!

Vietnam and Indonezia are also suspects in my list.
The biggest problem with this approach is that even tho I could ban
whole Asia and Russia, a significant part of the attacks do not
originate from there, but from countries like USA, UK, etc, controlled
by hackers (also) from the aforementioned areas...
The latest case of password breaking I had to deal with was from an
USA IP address.. they managed to insert an iframe in all index.html
and index.php files on the respective FTP account. The iframe however
was pointing to a .ru website hosted in France.. Isn't globalization
fun?!
Anyway, just banning ranges of IP addresses may not enough, so to rely
on this _only_ would be careless.

>
> --
> Kai Schätzl, Berlin, Germany
> Get your web at Conactive Internet Services: http://www.conactive.com
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux