How should I react to break in attempts
Arthur Pemberton
dalive at flashmail.com
Fri Apr 8 23:09:57 UTC 2005
Arthur Pemberton wrote:
> I'm gettign mail from logwatch as to the following:
>
> root (en201247.uac63.hknet.com): 3 Time(s)
>
>
> What's my best plan of action to respond to such? Yes I root logins
> via sshd disabled.
>
> Thanks for the advice.
>
>
This host is really tring it's best at sshd, there are many attempts to
my sshd. Is it a good idea to just block that ip via iptables?
More information about the users
mailing list