[FM Discuss] Modifying Bookipublisher
Gregory Pittman
gpittman at iglou.com
Mon Mar 25 06:53:45 PDT 2013
On 03/25/2013 09:26 AM, Tomi Toivio wrote:
> Also, that server is under constant SSH brute force attack. Just like
> every other server, but it still makes me wonder WTF is going on when
> even new test servers attract these attacks very fast.
>
> The attackers have basically zero chances of getting through (before
> year 4000 or 4 000 000 or something). It is just too interesting to
> monitor what is going on instead of doing something useful like
> localizing Booktype.
>
> Some basic level of Linux server hardening is needed everywhere now,
> at least install fail2ban if nothing else:
> http://www.fail2ban.org/wiki/index.php/Main_Page
>
At one point I had a server set up in my home so I could ssh to, and
pretty much instantaneously there were attempts to break in, so there
must be some constant roaming of the net out there looking for
vulnerable servers. Fortunately, I had done some homework before setting
it up so no break-ins ever occurred.
You have to keep checking the logs. I was also adding to the don't allow
list on a pretty regular basis after checking logs, just to keep the
noise down.
Greg
More information about the Discuss
mailing list