Gentoo Archives: gentoo-security

From: APerez@×××.ca
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] hackers
Date: Tue, 11 Oct 2005 12:30:39
Message-Id: OFB2EF5146.E8821ABC-ON85257097.0043A1ED-85257097.0043B5C7@cds.ca
In Reply to: [gentoo-security] hackers by Jochen Maes
I have a question:

Is there an application/program which can send an email whenever this
ssh attack happen?

A few months ago I got 300 attempts which made me close ssh port
and stop using it for a while.

Thanks

Alfredito
 



Jochen Maes <sejo@g.o> 
10/10/2005 05:52 AM
Please respond to
gentoo-security@l.g.o


To
gentoo-security@l.g.o
cc

Subject
[gentoo-security] hackers






-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey all,


ok one off my servers i keep on getting one iprange that tries to
login through ssh (200-300) attemps with other usernames.
This is probably a script that's being ran all the time, but the isp
doesn't mind, i allready sent my logs and my complaints and i don't
get any response.
Is there something like hackerwatch that i can send those logs to
(preferrably automatically) when happening?
I've blocked the range now so isn't a problem but hate it that the isp
doesn nothing against it.

greetings,

SeJo

- --
"Defer no time, delays have dangerous ends"

Jochen Maes 
Gentoo Linux
Gentoo Belgium
http://sejo.be
http://gentoo.be
http://gentoo.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDSjnYMXMsRNMHhmARAoXVAJ92bRcBAO04hIUk2VgBOcpm1gm9cgCgmNHe
ZPNqAHab5fXLdx11vdod5rc=
=35Kg
-----END PGP SIGNATURE-----

-- 
gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] hackers Kurt Lieber <klieber@g.o>
Re: [gentoo-security] hackers Chris Smart <taskara@××××××××××××.net>
Re: [gentoo-security] hackers Oliver Schad <o.schad@×××.de>
Re: [gentoo-security] hackers Erik Anderson <erikerik@×××××.com>
RE: [gentoo-security] hackers Sean Cook <scook@×××××.net>