Results 1 to 7 of 7
  1. #1

    constant login attempts


    Every log I get from my server contains long lists of failed logins - some for existing users (like root and admin and whatever) and loads and loads for nonexistent users. How should I go about protecting myself against this sort of nonsense? Apart from having unusual user names and good passwords of course! The attempts come from a different ip every day.


  2. #2
    Join Date
    Mar 2004
    These are just brute force logins.
    Get bfd and it will ban the ip(s) after x amount of failed logins.
    Or simply do as I do..
    Deny all access on port 22 except from specific ip's, be careful about this thou.
    Make sure you have a static ip or add the class c or b range.
    If your ip changes you will be locked out unless you have others that can add your new ip's to the allow list.

  3. #3
    Join Date
    Jan 2003
    Game Servers are the next hot market!
    Slim margins, heavy support, fickle customers, and moronic suppliers!
    Start your own today!

  4. #4
    thanks a lot, both of you! :-)

  5. #5
    Join Date
    Nov 2005
    Augusta, GA
    Change the shell port as well will assist in the matter.


    Inside the file there will be a line that says

    #Port 22

    What you are going to want to do is uncomment the line

    Port 22 << --- This being uncommented

    and then change the port to another port other than 22. Once you have edited the file and changed the port. Run the following command.

    service sshd restart

    You can find unused ports at

  6. #6
    [QUOTE=FunServers]Change the shell port as well will assist in the matter./QUOTE]

    That sounds like a very good idea, thanks.

  7. #7
    Join Date
    Nov 2005
    If your gonna change a port, make sure you do the change in your APF too BEFORE you logout or there could be a problem.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts