Results 1 to 7 of 7
  1. #1

    constant login attempts

    Hello,

    Every log I get from my server contains long lists of failed logins - some for existing users (like root and admin and whatever) and loads and loads for nonexistent users. How should I go about protecting myself against this sort of nonsense? Apart from having unusual user names and good passwords of course! The attempts come from a different ip every day.

    Thanks

  2. #2
    Join Date
    Mar 2004
    Posts
    295
    These are just brute force logins.
    Get bfd and it will ban the ip(s) after x amount of failed logins.
    Or simply do as I do..
    Deny all access on port 22 except from specific ip's, be careful about this thou.
    Make sure you have a static ip or add the class c or b range.
    If your ip changes you will be locked out unless you have others that can add your new ip's to the allow list.
    http://www.rfxnetworks.com/bfd.php

  3. #3
    Join Date
    Jan 2003
    Posts
    1,715
    Game Servers are the next hot market!
    Slim margins, heavy support, fickle customers, and moronic suppliers!
    Start your own today!

  4. #4
    thanks a lot, both of you! :-)

  5. #5
    Join Date
    Nov 2005
    Location
    Augusta, GA
    Posts
    11
    Change the shell port as well will assist in the matter.

    /etc/ssh/sshd_config

    Inside the file there will be a line that says

    #Port 22

    What you are going to want to do is uncomment the line

    Port 22 << --- This being uncommented

    and then change the port to another port other than 22. Once you have edited the file and changed the port. Run the following command.

    service sshd restart

    You can find unused ports at http://www.iss.net/security_center/a...ts/default.htm


  6. #6
    [QUOTE=FunServers]Change the shell port as well will assist in the matter./QUOTE]

    That sounds like a very good idea, thanks.

  7. #7
    Join Date
    Nov 2005
    Posts
    76
    If your gonna change a port, make sure you do the change in your APF too BEFORE you logout or there could be a problem.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •