[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
El 04/10/17 a las 08:41, Fr33d0m4all escribió:
> I know, I know about how internet works :) I’ve just simply noted a large increase in SSH brute force attempts in the last two weeks. BTW I don’t have root login enabled and I have two factor authentication on my SSH port (not standard), which is enabled only for a single low privileges user, so there’s no problem. I work for a provider and I manage IPS devices, so I know that it is common to have a large amount of intrusion attempts, I was just wondering if there was some attack against Tor nodes going on since the increase of intrusion attempts in the last few weeks :)
>
> Best regards,
Also, you could consider pam-abl (auto blacklisting) instead of
fail2ban. Relying on PAM, it doesn't need to process the logs to ban
hosts or users.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays