That is a good idea. I have never heard of fail2ban before now, looks like
I'll need to give it a try.
Thomas Plastino Martin
https://launchpad.net/~tenach
http://tenach.net
On Sun, Jul 25, 2010 at 3:26 PM, adam bultman <adamb@glaven.org> wrote:
>
> On 07/25/2010 02:34 PM, Marc Grober wrote:
> > Has anyone else noticed an increase in probes by exploiters, especially
> eff=
> > orts to access systems via ssh over last few weeks?
> >
> >
> >
> Yes. I've also found that some script kiddies are now scanning ahead of
> time to find servers with SSH running on off ports. I have SSH servers
> running on off ports, and those have been located and have been used to
> attempt to break into the system.
>
> I'm about to set up fail2ban on my public systems and decrease the
> filtering of my logwatch/email parser at work to include more info on
> the systems trying to get in, and the users they are trying to exploit.
>
> --
> Adam
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sun Jul 25 16:58:30 2010
This archive was generated by hypermail 2.1.8 : Sun Jul 25 2010 - 16:58:30 AKDT