Re: What is this Very Stupid DOS Attack Script?
Martin McCormick wrote:
> Apr 6 05:49:42 dc sshd[12422]: input_userauth_request: illegal
> user chuck
>
> You get the idea. This goes on for 3 or 4 minutes and then
> just stops for now. I can almost promise that later, another attack
> will start from some other IP address and blaze away for a few
> minutes.
I asked the same question a while ago.
Seems that there are some linux type worms out there, that use this
to target not well protected linux systems.???
I've build some swatch-rules that after two of these hits, I dump
the host into ifpw-deny space.
--WjW
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 3 之 12 篇):