Na veřejné IP adrese člověk musí počítat s tím, že je vystaven všem možným útokům od crackerů z celého světa. Už mě nebavilo sledovat v logu jak si někdo na mém serveru zkouší hádat hesla na vzdálené ovládání(sshd), tak jsem se rozhodl nainstalovat Fail2Ban. Zapnul jsem hlídání sshd a proftpd, tak jsem zvědav jak to bude účinné a jestli mi moc nebude komplikovat práci.
No, tak teď se stupňují i utoky z různých adres. :(
May 7 03:00:04 Milhaus sshd[7041]: error: PAM: Authentication failure for root from 85–126–20–50.sh-wien.inode.at
May 7 03:03:06 Milhaus sshd[7388]: error: PAM: Authentication failure for root from mx.litoralcitrus.com.ar
May 7 03:05:47 Milhaus sshd[7724]: error: PAM: Authentication failure for root from host17–99-static.35–88-b.business.telecomitalia.it
May 7 03:08:07 Milhaus sshd[8025]: error: PAM: Authentication failure for root from 212.150.167.61
May 7 03:10:56 Milhaus sshd[8364]: error: PAM: Authentication failure for root from host76–13-static.28–87-b.business.telecomitalia.it
May 7 03:13:20 Milhaus sshd[8525]: error: PAM: Authentication failure for root from adsl-168–98.globonet.hu
May 7 03:16:24 Milhaus sshd[8903]: error: PAM: Authentication failure for root from 12.25.93.190
May 7 03:18:36 Milhaus sshd[9204]: Address 196.22.221.66 maps to mail.sachefsacademy.com, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
May 7 03:18:37 Milhaus sshd[9204]: error: PAM: Authentication failure for root from 196.22.221.66
May 7 03:21:45 Milhaus sshd[9564]: error: PAM: Authentication failure for root from 60.19.28.157
May 7 03:24:42 Milhaus sshd[9907]: error: PAM: Authentication failure for root from ex216126.uac63.hknet.com
May 7 03:26:42 Milhaus sshd[10199]: error: PAM: Authentication failure for root from pd95b4140.dip0.t-ipconnect.de
May 7 03:29:39 Milhaus sshd[10539]: error: PAM: Authentication failure for root from 213.246.239.99
May 7 03:32:08 Milhaus sshd[10881]: reverse mapping checking getaddrinfo for net-178–212–58–207.in-addr.arpa [207.58.212.178] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 03:32:08 Milhaus sshd[10881]: error: PAM: Authentication failure for root from 207.58.212.178
May 7 03:35:13 Milhaus sshd[11242]: error: PAM: Authentication failure for root from 43.220.forpsi.net
May 7 03:40:32 Milhaus sshd[11759]: error: PAM: Authentication failure for root from 88.87.195.14
May 7 03:43:11 Milhaus sshd[12090]: error: PAM: Authentication failure for root from 12.25.93.190
May 7 03:46:08 Milhaus sshd[12463]: error: PAM: Authentication failure for root from 213.170.88.82
May 7 03:49:13 Milhaus sshd[12813]: error: PAM: Authentication failure for root from 213.33.201.30
May 7 03:51:51 Milhaus sshd[13143]: error: PAM: Authentication failure for root from dvi242.internetdsl.tpnet.pl
May 7 03:55:01 Milhaus sshd[13503]: error: PAM: Authentication failure for root from 66.99.53.142
May 7 03:57:37 Milhaus sshd[13830]: error: PAM: Authentication failure for root from 213.170.88.82
May 7 04:00:49 Milhaus sshd[14220]: error: PAM: Authentication failure for root from otwaon23–1168105680.sdsl.bell.ca
May 7 04:03:28 Milhaus sshd[14546]: error: PAM: Authentication failure for root from mail.pragmaticus.ru
May 7 04:06:39 Milhaus sshd[14917]: error: PAM: Authentication failure for root from 106.62–97–204.bkkb.no
May 7 04:10:31 Milhaus sshd[15324]: error: PAM: Authentication failure for root from nlp.cs.nthu.edu.tw
May 7 04:12:50 Milhaus sshd[15631]: reverse mapping checking getaddrinfo for 69–104–213–25.larrystbird.com [69.104.213.25] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 04:12:50 Milhaus sshd[15631]: error: PAM: Authentication failure for root from 69.104.213.25
May 7 04:18:48 Milhaus sshd[16349]: error: PAM: Authentication failure for root from blulove.pl
May 7 04:22:10 Milhaus sshd[16730]: error: PAM: Authentication failure for root from 195.120.101.75
May 7 04:24:56 Milhaus sshd[17065]: error: PAM: Authentication failure for root from ns2374.ovh.net
May 7 04:28:13 Milhaus sshd[17435]: error: PAM: Authentication failure for root from gaara.eudex.net
May 7 04:31:10 Milhaus sshd[17800]: reverse mapping checking getaddrinfo for customer68–83–177.iplannetworks.net [200.68.83.177] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 04:31:11 Milhaus sshd[17800]: error: PAM: Authentication failure for root from 200.68.83.177
May 7 04:34:29 Milhaus sshd[18169]: error: PAM: Authentication failure for root from dzp178.internetdsl.tpnet.pl
May 7 04:36:21 Milhaus sshd[18449]: Did not receive identification string from 202.28.66.7
May 7 04:37:52 Milhaus sshd[18693]: Address 89.107.16.5 maps to 39757.net, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
May 7 04:37:52 Milhaus sshd[18693]: error: PAM: Authentication failure for root from 89.107.16.5
May 7 04:40:48 Milhaus sshd[19038]: error: PAM: Authentication failure for root from 212.24.179.54
May 7 04:44:11 Milhaus sshd[19414]: error: PAM: Authentication failure for root from 87.241.8.203
May 7 04:47:10 Milhaus sshd[19782]: error: PAM: Authentication failure for root from 87–194–32–209.bethere.co.uk
May 7 04:50:40 Milhaus sshd[20166]: error: PAM: Authentication failure for root from 212.24.179.54
May 7 04:53:43 Milhaus sshd[20515]: error: PAM: Authentication failure for root from adsl-068–213–208–164.sip.bct.bellsouth.net
May 7 04:57:16 Milhaus sshd[20902]: error: PAM: Authentication failure for root from 137.192.198.220
May 7 05:00:53 Milhaus sshd[21315]: error: PAM: Authentication failure for root from 66.99.53.142
May 7 05:04:16 Milhaus sshd[21685]: error: PAM: Authentication failure for root from cni1.cbinf.com
May 7 05:07:48 Milhaus sshd[22219]: error: PAM: Authentication failure for root from mail.moldes.com.pe
May 7 05:10:47 Milhaus sshd[22571]: error: PAM: Authentication failure for root from afw154.internetdsl.tpnet.pl
May 7 05:14:33 Milhaus sshd[22970]: error: PAM: Authentication failure for root from lib1-v-1–135.static.adsl.vol.cz
May 7 05:17:44 Milhaus sshd[23359]: error: PAM: Authentication failure for root from blulove.pl
May 7 05:22:03 Milhaus sshd[23797]: error: PAM: Authentication failure for root from 196.211.44.154
May 7 05:25:17 Milhaus sshd[24173]: error: PAM: Authentication failure for root from 213.33.201.30
May 7 05:28:52 Milhaus sshd[24705]: error: PAM: Authentication failure for root from 211–22–140–146.hinet-ip.hinet.net
May 7 05:32:54 Milhaus sshd[25147]: error: PAM: Authentication failure for root from 201–251–61–108.static.speedy.com.ar
May 7 05:36:09 Milhaus sshd[25519]: error: PAM: Authentication failure for root from sokrates.buero.oekostadt.de
May 7 05:40:37 Milhaus sshd[25966]: error: PAM: Authentication failure for root from 60.19.28.157
May 7 05:43:49 Milhaus sshd[26473]: error: PAM: Authentication failure for root from 145.253.179.228
May 7 05:48:06 Milhaus sshd[26928]: error: PAM: Authentication failure for root from lputeaux-151–41–4–209.w217–128.abo.wanadoo.fr
May 7 05:51:36 Milhaus sshd[27315]: error: PAM: Authentication failure for root from eii221.internetdsl.tpnet.pl
May 7 06:00:29 Milhaus sshd[28368]: error: PAM: Authentication failure for root from 78.4.40.192
May 7 06:04:22 Milhaus sshd[28776]: error: PAM: Authentication failure for root from 83–244–156–204.cust-83.exponential-e.net
May 7 06:09:11 Milhaus sshd[29390]: error: PAM: Authentication failure for root from 201–23–148–114.sercomtel.com.br
May 7 06:13:06 Milhaus sshd[29806]: error: PAM: Authentication failure for root from 212.30.80.85
May 7 06:17:51 Milhaus sshd[30439]: error: PAM: Authentication failure for root from hydros.ibwpan.szczecin.pl
May 7 06:22:22 Milhaus sshd[30894]: error: PAM: Authentication failure for root from eii221.internetdsl.tpnet.pl
May 7 06:27:25 Milhaus sshd[31527]: Address 62.233.185.118 maps to amtra.pl, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
May 7 06:27:26 Milhaus sshd[31527]: error: PAM: Authentication failure for root from 62.233.185.118
May 7 06:32:36 Milhaus sshd[32190]: error: PAM: Authentication failure for root from host68–229-static.34–88-b.business.telecomitalia.it
May 7 06:37:30 Milhaus sshd[32675]: error: PAM: Authentication failure for root from adsl-217–154–9–150.mistral.co.uk
May 7 06:43:16 Milhaus sshd[897]: error: PAM: Authentication failure for root from 143.107.110.29
May 7 06:48:22 Milhaus sshd[1557]: error: PAM: Authentication failure for root from ex216126.uac63.hknet.com
May 7 06:54:05 Milhaus sshd[2309]: error: PAM: Authentication failure for root from 145.253.179.229<br /
May 7 06:59:38 Milhaus sshd[2995]: error: PAM: Authentication failure for root from sokrates.buero.oekostadt.de
May 7 07:07:48 Milhaus sshd[3873]: error: PAM: Authentication failure for root from 194.112.210.90
May 7 07:12:09 Milhaus sshd[4493]: error: PAM: Authentication failure for root from 62.77.209.5
May 7 07:18:48 Milhaus sshd[5256]: error: PAM: Authentication failure for root from 87–194–32–209.bethere.co.uk
May 7 07:25:51 Milhaus sshd[6180]: error: PAM: Authentication failure for root from 87.241.8.203
May 7 07:32:51 Milhaus sshd[6973]: error: PAM: Authentication failure for root from 84–55–87–8.customers.ownit.se
May 7 07:40:20 Milhaus sshd[7779]: error: PAM: Authentication failure for root from 212.150.167.61
May 7 07:47:26 Milhaus sshd[8714]: error: PAM: Authentication failure for root from ip67–92–8–185.z8–92–67.customer.algx.net
May 7 07:55:13 Milhaus sshd[9546]: error: PAM: Authentication failure for root from dvi242.internetdsl.tpnet.pl
>
May 7 08:02:28 Milhaus sshd[10526]: error: PAM: Authentication failure for root from 3e70de9.adsl.enternet.hu
May 7 08:11:20 Milhaus sshd[11621]: error: PAM: Authentication failure for root from 200–161–203–205.dsl.telesp.net.br
May 7 08:20:48 Milhaus sshd[12749]: error: PAM: Authentication failure for root from 200.241.233.130
May 7 08:39:55 Milhaus sshd[14988]: error: PAM: Authentication failure for root from dvi242.internetdsl.tpnet.pl
May 7 09:05:44 Milhaus sshd[18162]: error: PAM: Authentication failure for root from 84.202.156.20
May 7 09:22:02 Milhaus sshd[20029]: error: PAM: Authentication failure for root from ip67–92–8–185.z8–92–67.customer.algx.net
May 7 09:40:57 Milhaus sshd[22412]: error: PAM: Authentication failure for root from ns.echo.nnov.ru
May 7 10:04:27 Milhaus sshd[25151]: reverse mapping checking getaddrinfo for 210.190–10–205.uio.satnet.net [190.10.205.210] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 10:04:28 Milhaus sshd[25151]: error: PAM: Authentication failure for root from 190.10.205.210
May 7 10:16:18 Milhaus syslog-ng[1987]: STATS: dropped 0
May 7 10:18:05 Milhaus proftpd: pam_warn(ftp:auth): function=[pam_sm_authenticate] service=[ftp] terminal=[<unknown>] user=[karel] ruser=[karel] rhost=[147.228.209.190]
May 7 10:29:10 Milhaus smartd[3846]: Device: /dev/sda, SMART Usage Attribute: 194 Temperature_Celsius changed from 48 to 46
May 7 10:33:41 Milhaus sshd[28719]: reverse mapping checking getaddrinfo for c9118128.virtua.com.br [201.17.129.40] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 10:33:41 Milhaus sshd[28719]: error: PAM: Authentication failure for root from 201.17.129.40
May 7 10:47:12 Milhaus sshd[30262]: error: PAM: Authentication failure for root from 1389442210.ip2long.net
May 7 10:49:05 Milhaus sshd[30398]: error: PAM: Authentication failure for root from 84–55–87–8.customers.ownit.se
May 7 10:51:35 Milhaus sshd[30725]: error: PAM: Authentication failure for root from admin.leeds-utd.org.uk
May 7 10:53:34 Milhaus sshd[31022]: error: PAM: Authentication failure for root from 212.24.179.54
May 7 10:56:05 Milhaus sshd[31350]: error: PAM: Authentication failure for root from sokrates.buero.oekostadt.de
May 7 10:58:02 Milhaus sshd[31497]: Address 83.142.83.26 maps to http://www.max-torgau.de, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
May 7 10:58:02 Milhaus sshd[31497]: error: PAM: Authentication failure for root from 83.142.83.26
May 7 11:00:32 Milhaus sshd[31845]: error: PAM: Authentication failure for root from 213.170.88.82
May 7 11:02:56 Milhaus sshd[32166]: Address 193.111.200.140 maps to spare.eorigen.com, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
May 7 11:02:56 Milhaus sshd[32166]: error: PAM: Authentication failure for root from 193.111.200.140
May 7 11:05:17 Milhaus sshd[32481]: error: PAM: Authentication failure for root from 72–255–73–54.client.stsn.net
May 7 11:07:43 Milhaus sshd[343]: reverse mapping checking getaddrinfo for corporat200–093164053.sta.etb.net.co [200.93.164.53] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 11:07:43 Milhaus sshd[343]: error: PAM: Authentication failure for root from 200.93.164.53
May 7 11:09:32 Milhaus sshd[483]: error: PAM: Authentication failure for root from static-dsl-248.213–160–171.telecom.sk
May 7 11:13:41 Milhaus sshd[939]: error: PAM: Authentication failure for root from gfh44.internetdsl.tpnet.pl
May 7 11:15:01 Milhaus sshd[1187]: error: PAM: Authentication failure for root from 84.202.156.20
May 7 11:16:18 Milhaus syslog-ng[1987]: STATS: dropped 0
May 7 11:16:45 Milhaus sshd[1403]: error: PAM: Authentication failure for root from customer-200–79–25–39.uninet.net.mx
May 7 11:17:29 Milhaus sshd[1542]: error: PAM: Authentication failure for root from otwaon23–1168105680.sdsl.bell.ca
May 7 11:18:54 Milhaus sshd[1650]: error: PAM: Authentication failure for root from ns.echo.nnov.ru
May 7 11:21:14 Milhaus sshd[1972]: error: PAM: Authentication failure for root from ns.echo.nnov.ru
May 7 11:22:11 Milhaus sshd[2112]: error: PAM: Authentication failure for root from mail.pragmaticus.ru
May 7 11:23:37 Milhaus sshd[2372]: error: PAM: Authentication failure for root from 85–18–113–7.ip.fastwebnet.it
May 7 11:26:09 Milhaus sshd[2706]: error: PAM: Authentication failure for root from 28–248–114–200.fibertel.com.ar
May 7 11:27:22 Milhaus sshd[2810]: error: PAM: Authentication failure for root from mx.ddo.sk
May 7 11:29:44 Milhaus sshd[3132]: error: PAM: Authentication failure for root from blulove.pl
May 7 11:30:55 Milhaus sshd[3247]: error: PAM: Authentication failure for root from 213.33.201.30
May 7 11:32:26 Milhaus sshd[3544]: error: PAM: Authentication failure for root from mutlb164055.smarttadsl.com
May 7 11:33:19 Milhaus sshd[3620]: error: PAM: Authentication failure for root from 201–23–148–114.sercomtel.com.br
May 7 11:34:47 Milhaus sshd[3888]: error: PAM: Authentication failure for root from port-87–234–200–80.static.qsc.de
May 7 11:36:42 Milhaus sshd[4030]: error: PAM: Authentication failure for root from gfh44.internetdsl.tpnet.pl
May 7 11:37:24 Milhaus sshd[4081]: error: PAM: Authentication failure for root from ex216126.uac63.hknet.com
May 7 11:38:45 Milhaus sshd[4334]: error: PAM: Authentication failure for root from host68–229-static.34–88-b.business.telecomitalia.it
May 7 11:39:47 Milhaus sshd[4412]: error: PAM: Authentication failure for root from 200.72.207.130
May 7 11:42:44 Milhaus sshd[4746]: error: PAM: Authentication failure for root from 194.112.210.90
May 7 11:43:49 Milhaus sshd[5031]: error: PAM: Authentication failure for root from 200.72.207.130
May 7 11:44:42 Milhaus sshd[5099]: reverse mapping checking getaddrinfo for net-178–212–58–207.in-addr.arpa [207.58.212.178] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 11:44:42 Milhaus sshd[5099]: error: PAM: Authentication failure for root from 207.58.212.178
May 7 11:47:49 Milhaus sshd[5485]: error: PAM: Authentication failure for root from iw4.internetdsl.tpnet.pl
May 7 11:48:45 Milhaus sshd[5558]: error: PAM: Authentication failure for root from 220–130–2–247.hinet-ip.hinet.net
May 7 11:50:04 Milhaus sshd[5802]: error: PAM: Authentication failure for root from ezw-pc79.erziehung.uni-kassel.de
May 7 11:51:10 Milhaus sshd[5900]: error: PAM: Authentication failure for root from host76–13-static.28–87-b.business.telecomitalia.it
May 7 11:52:44 Milhaus sshd[6029]: error: PAM: Authentication failure for root from adsl-67–125–255–198.dsl.snfc21.sbcglobal.net
May 7 11:52:45 Milhaus sshd[6096]: Did not receive identification string from 91.90.20.210
May 7 11:53:49 Milhaus sshd[6249]: error: PAM: Authentication failure for root from r01.glglgl.eu
May 7 11:55:08 Milhaus sshd[6390]: error: PAM: Authentication failure for root from 137.192.198.220
May 7 11:56:31 Milhaus sshd[6691]: error: PAM: Authentication failure for root from ns24573.ovh.net
May 7 11:59:24 Milhaus sshd[7040]: error: PAM: Authentication failure for root from s142–179–222–146.ab.hsia.telus.net
May 7 12:02:43 Milhaus sshd[7520]: error: PAM: Authentication failure for root from algol.cbk.pan.wroc.pl
May 7 12:04:16 Milhaus sshd[7707]: error: PAM: Authentication failure for root from 87.241.8.203
May 7 12:06:25 Milhaus sshd[8032]: reverse mapping checking getaddrinfo for 210.190–10–205.uio.satnet.net [190.10.205.210] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:06:26 Milhaus sshd[8032]: error: PAM: Authentication failure for root from 190.10.205.210
May 7 12:08:23 Milhaus sshd[8320]: error: PAM: Authentication failure for root from adsl-068–213–208–164.sip.bct.bellsouth.net
May 7 12:09:21 Milhaus sshd[8391]: error: PAM: Authentication failure for root from 195.47.114.129.adsl.nextra.cz
May 7 12:11:00 Milhaus sshd[8659]: error: PAM: Authentication failure for root from 69.73.208.32
May 7 12:13:25 Milhaus sshd[8838]: error: PAM: Authentication failure for root from 87–194–32–209.bethere.co.uk
May 7 12:14:34 Milhaus sshd[9073]: error: PAM: Authentication failure for root from 137.192.198.220
May 7 12:16:11 Milhaus sshd[9214]: error: PAM: Authentication failure for root from iw4.internetdsl.tpnet.pl
May 7 12:18:43 Milhaus sshd[9540]: error: PAM: Authentication failure for root from gfh44.internetdsl.tpnet.pl
May 7 12:20:08 Milhaus sshd[9792]: error: PAM: Authentication failure for root from chello084114015179.14.vie.surfer.at
May 7 12:21:21 Milhaus sshd[9876]: error: PAM: Authentication failure for root from 143.107.110.29
May 7 12:22:57 Milhaus sshd[10149]: reverse mapping checking getaddrinfo for 69–104–213–25.larrystbird.com [69.104.213.25] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:22:57 Milhaus sshd[10149]: error: PAM: Authentication failure for root from 69.104.213.25
May 7 12:23:51 Milhaus sshd[10219]: error: PAM: Authentication failure for root from 212.144.232.131
May 7 12:26:53 Milhaus sshd[10584]: error: PAM: Authentication failure for root from algol.cbk.pan.wroc.pl
May 7 12:27:58 Milhaus sshd[10665]: error: PAM: Authentication failure for root from 89.248.240.7
May 7 12:29:58 Milhaus sshd[10974]: reverse mapping checking getaddrinfo for 168–65.parknet.ne.jp [210.171.168.65] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:29:58 Milhaus sshd[10974]: error: PAM: Authentication failure for root from 210.171.168.65
May 7 12:30:39 Milhaus sshd[11069]: reverse mapping checking getaddrinfo for internet_extremo69115–174.etb.net.co [200.69.115.174] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:30:39 Milhaus sshd[11069]: error: PAM: Authentication failure for root from 200.69.115.174
May 7 12:32:07 Milhaus sshd[11320]: error: PAM: Authentication failure for root from telefon.szie.hu
May 7 12:34:45 Milhaus sshd[11659]: reverse mapping checking getaddrinfo for net-178–212–58–207.in-addr.arpa [207.58.212.178] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:34:46 Milhaus sshd[11659]: error: PAM: Authentication failure for root from 207.58.212.178
May 7 12:35:51 Milhaus sshd[11747]: error: PAM: Authentication failure for root from 66.99.53.142
May 7 12:37:20 Milhaus sshd[11853]: error: PAM: Authentication failure for root from 62.128.130.94
May 7 12:40:02 Milhaus sshd[12207]: reverse mapping checking getaddrinfo for su93255166.aspadmin.net [66.240.255.166] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:40:02 Milhaus sshd[12207]: error: PAM: Authentication failure for root from 66.240.255.166
May 7 12:41:31 Milhaus sshd[12465]: error: PAM: Authentication failure for root from 213.246.239.99
May 7 12:42:44 Milhaus sshd[12562]: Address 196.22.221.66 maps to mail.sachefsacademy.com, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
May 7 12:42:45 Milhaus sshd[12562]: error: PAM: Authentication failure for root from 196.22.221.66
May 7 12:45:21 Milhaus sshd[12930]: error: PAM: Authentication failure for root from 200.241.233.130
May 7 12:47:07 Milhaus sshd[13205]: error: PAM: Authentication failure for root from 3e70de9.adsl.enternet.hu
May 7 12:48:24 Milhaus sshd[13304]: error: PAM: Authentication failure for root from cc67835-a.groni1.gr.home.nl
May 7 12:53:48 Milhaus sshd[13987]: error: PAM: Authentication failure for root from 88.87.195.14
May 7 12:54:54 Milhaus sshd[14067]: error: PAM: Authentication failure for root from static.88–198–17–13.clients.your-server.de
May 7 12:58:09 Milhaus sshd[14446]: error: PAM: Authentication failure for root from provone.provsol.net
May 7 12:59:10 Milhaus sshd[14669]: error: PAM: Authentication failure for root from 84.202.156.20
May 7 13:00:47 Milhaus sshd[14814]: error: PAM: Authentication failure for root from 85–126–20–50.sh-wien.inode.at
May 7 13:01:59 Milhaus sshd[15047]: error: PAM: Authentication failure for root from p509887f3.dip0.t-ipconnect.de
May 7 13:03:41 Milhaus sshd[15176]: error: PAM: Authentication failure for root from ip168–243–236–228.intercom.com.sv
May 7 13:06:24 Milhaus sshd[15523]: error: PAM: Authentication failure for root from troymimnds0a910.mcleodusa.net
May 7 13:07:31 Milhaus sshd[15604]: error: PAM: Authentication failure for root from mutlb164055.smarttadsl.com
May 7 13:11:13 Milhaus sshd[16160]: error: PAM: Authentication failure for root from 218.200.191.30
May 7 13:13:35 Milhaus sshd[16344]: error: PAM: Authentication failure for root from 84.202.156.20
May 7 13:16:26 Milhaus sshd[16724]: error: PAM: Authentication failure for root from 88–199–28–3.tktelekom.pl
May 7 13:17:36 Milhaus sshd[16954]: error: PAM: Authentication failure for root from blulove.pl
May 7 13:19:27 Milhaus sshd[17082]: error: PAM: Authentication failure for root from lputeaux-151–41–4–209.w217–128.abo.wanadoo.fr
May 7 13:21:04 Milhaus sshd[17375]: error: PAM: Authentication failure for root from troymimnds0a910.mcleodusa.net
May 7 13:22:14 Milhaus sshd[17461]: error: PAM: Authentication failure for root from s161–184–174–76.ab.hsia.telus.net
May 7 13:24:06 Milhaus sshd[17749]: error: PAM: Authentication failure for root from mail.apex.net.au
May 7 13:25:00 Milhaus sshd[17818]: error: PAM: Authentication failure for root from troymimnds0a910.mcleodusa.net
May 7 13:27:58 Milhaus sshd[18500]: error: PAM: Authentication failure for root from 221.158.48.69
May 7 13:30:50 Milhaus sshd[19478]: error: PAM: Authentication failure for root from 137.192.198.220
May 7 13:34:16 Milhaus sshd[19874]: error: PAM: Authentication failure for root from 195.47.114.129.adsl.nextra.cz
May 7 13:35:29 Milhaus sshd[20112]: error: PAM: Authentication failure for root from adsl-068–213–208–164.sip.bct.bellsouth.net
May 7 13:37:21 Milhaus sshd[20254]: reverse mapping checking getaddrinfo for customer201–216–249.77.iplannetworks.net [201.216.249.77] failed – POSSIBLE BREAK-IN ATTEMPT!
May 7 13:37:22 Milhaus sshd[20254]: error: PAM: Authentication failure for root from 201.216.249.77
May 7 13:38:23 Milhaus sshd[20486]: error: PAM: Authentication failure for root from crochet.acrobates.beynost.net
May 7 13:39:59 Milhaus sshd[21318]: error: PAM: Authentication failure for root from mail.inveda.net
May 7 13:41:20 Milhaus sshd[21656]: error: PAM: Authentication failure for root from 119.54–246–81.adsl-static.isp.belgacom.be
May 7 13:43:15 Milhaus sshd[21972]: error: PAM: Authentication failure for root from webserver.janel.com.mx</p>
Takže se dá říct, že tohleč nepohlo … už jsi přišel na něco, co by odstranilo nebo jinak filtrovalo tyhle útoky?
Ať žije cenzura!
edro říká: Váš komentář čeká na schválení.
15. Srpen 2008 v 12:01
Fail2ban sice útokům nezabrání ale snižuje riziko celkem slušně. Root heslo mám víc jak 10 písmen takže si myslim, že při 5-ti pokusech za 5 minut s banem na 3 hodiny to jen tak nějakej robot nerozlouskne. Hlídá to i logování na Proftpd
co víc si přát ? .)
ad cenzůra : nesnášim spam a lepší způsob neznám, nebo ty jo ?