#1  
Old 23rd March 2009, 00:50
stefki stefki is offline
Junior Member
 
Join Date: Sep 2008
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default Possible break-in attempt!

HI i`m running a Debian Server as well but i got a lot of attacks on my SSH port

reverse mapping checking getaddrinfo for 89.**** failed - POSSIBLE BREAK-IN ATTEMPT!

Mar 23 22:39:21 dserver sshd[2340]: subsystem request for sftp
Mar 23 22:39:21 dserver sshd[2342]: (pam_unix) session opened for user root by (uid=0)

my port SSH is not 22 i have changed, but i still have attacks, does anybody know how to protect from this ?
Reply With Quote
Sponsored Links
  #2  
Old 23rd March 2009, 18:47
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,730 Times in 2,568 Posts
 
Default

You can install fail2ban or DenyHosts to prevent brute-force attacks.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
fail2ban not banning vbrookie Server Operation 10 2nd December 2010 13:57
kernel compile error/ndiswrapper error Droogie Kernel Questions 1 28th April 2008 21:38
"aliasing" users - what can I break? sjau Server Operation 3 7th April 2008 17:46
Hacking attempt? Musty Server Operation 6 18th March 2008 02:23
Prevent BREAKIN ATTEMPT! IKShadow Installation/Configuration 6 22nd November 2006 22:15


All times are GMT +2. The time now is 09:39.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.