[SGVLUG] ssh breakins - tcp wrappers

Robert mrflash818 at geophile.net
Fri Aug 4 08:47:25 PDT 2006


another idea: tcp wrapper that blocks "dmisinetworks.net" from ssh?

Just for fun (and nostalgia)
http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/ch-tcpwrappers.html


> I thought when I switched to rsa these break in attempts would be
> discouraged.
> What more can I do?
>
>
> It has nothing of value to anyone other than the users. Messing it up
> would mess up one non-profit.
>
>
> --------------------- SSHD Begin ------------------------
>
>
> Failed logins from:
>     66.253.169.114 (mr-min-169-114.dmisinetworks.net): 14 times
>
> Illegal users from:
>     66.253.169.114 (mr-min-169-114.dmisinetworks.net): 24 times
>
>
> Received disconnect:
>     11: Bye Bye : 38 Time(s)
>
> **Unmatched Entries**
> Address 69.57.150.12 maps to server114.xl-server.org, but this does not
> map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 714 time(s)
>
>
>
>
>


-- 
"Knowledge is Power" -- Francis Bacon

Robert Leyva
mrflash818 at geophile.net



More information about the SGVLUG mailing list