Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Since the 14th I've had 891 known attacks at my dns-323 running Debian (the box is not announced anywhere)
run the following and you'll see how many you've had:
grep sshd /var/log/auth.log* | grep Invalid | wc -l
To protect it, you can do this: http://dns323.kood.org/howto:securing_s … ce_attacks
Offline
PerS wrote:
Since the 14th I've had 891 known attacks at my dns-323 running Debian (the box is not announced anywhere)
run the following and you'll see how many you've had:Code:
grep sshd /var/log/auth.log* | grep Invalid | wc -lTo protect it, you can do this: http://dns323.kood.org/howto:securing_s … ce_attacks
That's not really the number of attacks, but more like the number of wrong username/password guesses.
Also, I get usually two lines matching "sshd" per guess, so half your number. No need to worry unless you're
using weak passwords. However, locking the bad guys out is always as good idea :-)
Offline
fonz wrote:
That's not really the number of attacks, but more like the number of wrong username/password guesses.
True, but you must also remember, DenyHosts will block after 5 attempts (some times it takes more before it triggers), so the number of attempts could have been much higher.
DenyHosts has blocked 11 IP address
grep sshd /etc/hosts.deny | wc -l
fonz wrote:
However, locking the bad guys out is always as good idea :-)
And that's my main point, if you leave it unattended, you'll get visitors that you don't want to be there (and eventually they'll get in).
Offline