[tor-relays] Abuse complaints about brute forceing via ssh
Paul Staroch
paulchen at rueckgr.at
Mon Jan 2 11:26:56 UTC 2012
Am 2012-01-02 12:23, schrieb cmeclax-sazri:
> On Sunday 01 January 2012 23:36:13 grarpamp wrote:
>> This 'attack' has been going on for YEARS. Nobody's really getting
>> shells (well some are), just dictionaried. The problem is that
>> OpenSSH logs this by default and people freak out when they
>> see it in their logs. It's just background noise. Real admins
>> tune it out and use ssh keys instead.
> I wrote a shell script that watches the logs and shuts off all access from an
> address that starts guessing passwords.
That is exactly what tools like "fail2ban" are for.
Paul
More information about the tor-relays
mailing list