[SGVLUG] ssh breakins - tcp wrappers
Robert
mrflash818 at geophile.net
Fri Aug 4 08:47:25 PDT 2006
another idea: tcp wrapper that blocks "dmisinetworks.net" from ssh?
Just for fun (and nostalgia)
http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/ch-tcpwrappers.html
> I thought when I switched to rsa these break in attempts would be
> discouraged.
> What more can I do?
>
>
> It has nothing of value to anyone other than the users. Messing it up
> would mess up one non-profit.
>
>
> --------------------- SSHD Begin ------------------------
>
>
> Failed logins from:
> 66.253.169.114 (mr-min-169-114.dmisinetworks.net): 14 times
>
> Illegal users from:
> 66.253.169.114 (mr-min-169-114.dmisinetworks.net): 24 times
>
>
> Received disconnect:
> 11: Bye Bye : 38 Time(s)
>
> **Unmatched Entries**
> Address 69.57.150.12 maps to server114.xl-server.org, but this does not
> map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 714 time(s)
>
>
>
>
>
--
"Knowledge is Power" -- Francis Bacon
Robert Leyva
mrflash818 at geophile.net
More information about the SGVLUG
mailing list