Apparently, my server has a few fans, with nothing better to do, then attempt access. How do i lock these people out?? --------------------- pam_unix Begin ------------------------ runuser-l: Unknown Entries: session closed for user cyrus: 1 Time(s) session opened for user cyrus by (uid=0): 1 Time(s) sshd: Authentication Failures: root (79.119.32.88): 59 Time(s) unknown (79.119.32.88): 41 Time(s) root (222.171.126.5): 8 Time(s) adm (79.119.32.88): 2 Time(s) apache (79.119.32.88): 1 Time(s) cyrus (79.119.32.88): 1 Time(s) mysql (79.119.32.88): 1 Time(s) nobody (79.119.32.88): 1 Time(s) operator (79.119.32.88): 1 Time(s) Invalid Users: Unknown Account: 41 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ Userhelper executed applications: nightdude -> system-config-bind as root: 1 Time(s) nightdude -> pup as root: 1 Time(s) ---------------------- Connections (secure-log) End ------------------------- --------------------- SSHD Begin ------------------------ Failed logins from: 79.119.32.88 (79-119-32-88.rdsnet.ro): 66 times 222.171.126.5: 8 times Illegal users from: 79.119.32.88 (79-119-32-88.rdsnet.ro): 41 times Users logging in through sshd: root: 66.153.133.201 (201.133-pool-xdsl-mi.sccoast.net): 2 times Received disconnect: 11: Bye Bye : 115 Time(s) Thanks.. Night
This might be the program(s) you are searching for: http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts http://www.howtoforge.com/fail2ban_debian_etch