|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Anders B Jansson (hdw
kallisti.se)
Date: Mon Oct 22 2007 - 17:04:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
A.L.M.Buxeylboro.ac.uk wrote:
> Hi,
>
>> Oct 22 20:36:13 nms sshd[90657]: Failed password for invalid user gopher
>> from 77.46.152.2 port 55120 ssh2
>
> user/password authentication for SSH? one way of cleaning up your
> logs and killing this type of attack is to reconfigure your OpenSSH
> to only allow key based logins. stopped my 10M+ logfiles straight away
An even better way is to punt the attackers to a 'silent drop' table in your firewall.
Cuts your logs to nothing and keeps the kiddies wasting their time.
The latest attack surge is either directed or a bit more clever, haven't seen anything on my random user DSL traps.
--
// hdw
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]