• BLOG
•     atom feed
• Openmoko FreeRunner
• no sound in Fedora 9
• dnsmasq tftp problem
• iptables recent module
• ssh attack
• Fedora 8 on Koolu
• swappiness
• 2007
• 2000

2008 / 03 / 09

ssh attack

Checking our logs, we regularly see series of failed log in attempts to our ssh server, usually around 200 attempts per day, not much of a load for our server, but yesterday, the 8th of March 2008, two different machines set a new record:

202.143.163.218 tried to log in 706 times, using 504 unique unknown user IDs, and another 13 times as root.

208.49.226.106 tried to log in 10237 times, using 3503 unique unknown user IDs, and another 219 times as root.

We have now implemented sshd_config AllowUsers (thanks to the folks at IceQuake Ltd. for pointing this out), and the iptables recent module.