Blacklisting IPs
stheg olloydson
stheg_olloydson at yahoo.com
Tue Jan 11 20:15:53 PST 2005
it was said:
>These types of attacks don't seem directed -- it's more like fishing
>for unprotected systems.
>
>FWIW, changing the ssh port dropped the illegal user attempts to 0
>instantly...
>
>- ben
>
>On Mon, 10 Jan 2005 23:29:10 -0800, Ted Mittelstaedt
>
><tedm at toybox.placo.com> wrote:
>> If I'm going to attack you I'm going to use nessus to scan all
>> ports on your machine.
Hello,
Too many break-in attempts come from cracked Windows boxes running
script bots to make reporting these attempts practical, so I changed my
ssh port to a non-standard one. Now, if I see a break-in attempt, I
block the /21 the attacking IP falls into and report it to the relevant
ISP/network admin because I know a black hat has taken a personal
interest in my network.
Regards,
Stheg
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
More information about the freebsd-questions
mailing list