How we handle attacks?
Anshu Prateek
anshprat at gmail.com
Mon Oct 7 03:23:24 UTC 2013
I guess you are talking about ssh access?
Most of these logins are automated bot attempts. On my personal servers,
one easy way I have found is changing the default port to something else
and that cuts down my lastb by almost 99%!
On Thu, Oct 3, 2013 at 5:50 PM, Miroslav Suchý <msuchy at redhat.com> wrote:
> I see in log file of copr-fe-dev a lot of attempts to login as
> root/postgres/nagios/oracl/**test user. Well it is ~4000 attempts. So it
> depend on your definition of "lot of". But it caught my attention.
>
> Do we have some standard procedure how to handle it? Add that IPs to
> blacklist? Move ssh port to non standard number? Or should I just ignore
> them?
> --
> Miroslav Suchy, RHCE, RHCDS
> Red Hat, Software Engineer, #brno, #devexp, #fedora-buildsys
> ______________________________**_________________
> infrastructure mailing list
> infrastructure at lists.**fedoraproject.org<infrastructure at lists.fedoraproject.org>
> https://admin.fedoraproject.**org/mailman/listinfo/**infrastructure<https://admin.fedoraproject.org/mailman/listinfo/infrastructure>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20131007/c2c49f5e/attachment.html>
More information about the infrastructure
mailing list