Interesting ....
Bill Campbell
linux-sxs at celestial.com
Sat Jul 5 10:09:04 PDT 2008
On Sat, Jul 05, 2008, Ben Duncan wrote:
> I have telnet and FTP service turned up on this workstation.
> It is behind a firewall with Port Forwarding and secured with
> wrappers/chains so ONLY my clients (Who have all static IP's)
> can get in. All things are set up VERY secure and in 10 years
> on various customer's servers this has yet to be hacked.
> There are other settings , but I am not gonna give my secrets away.
>
> Anyway, I DO monitor log's and Have been getting a LOT
> (hundreds) of hits of IP's trying to get in (with no luck) over the
> past few days. Mostly telnet then fall back to ftp.
>
> All the dig/nslookup return that the IP Block belongs to
> Russia and Croatia.
>
> Whaddya think? Russian Mafia trying to hack my system?
That sounds right.
I get about 20,000 repoorts per month from systems we monitor of
attempts to connect with ssh, ftp, telnet, etc.
You might look at fail2ban which can automatically block IP
addresses that attempts like this.
Bill
--
INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186
We maintain that the very foundation of our way of life is what we call
free enterprise, said Cash McCall, but when one of our citizens
show enough free enterprise to pile up a little of that profit, we do
our best to make him feel that he ought to be ashamed of himself.
-- Cameron Hawley
More information about the Linux-users
mailing list