Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Anders B Jansson (hdwkallisti.se)
Date: Mon Oct 22 2007 - 17:04:06 CDT
>> Oct 22 20:36:13 nms sshd: Failed password for invalid user gopher
>> from 220.127.116.11 port 55120 ssh2
> user/password authentication for SSH? one way of cleaning up your
> logs and killing this type of attack is to reconfigure your OpenSSH
> to only allow key based logins. stopped my 10M+ logfiles straight away
An even better way is to punt the attackers to a 'silent drop' table in your firewall.
Cuts your logs to nothing and keeps the kiddies wasting their time.
The latest attack surge is either directed or a bit more clever, haven't seen anything on my random user DSL traps.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/