[plug] hosts.deny over 6000 entries
Scott Middleton
scott at assuretek.com.au
Thu Oct 29 19:38:18 WST 2009
Hi PLUGgers
I assume a lot of you know about the concerted worldwide attack of ssh
over the last few weeks.
My hosts.deny on my colo is now over 6000 long.
My question is: at what point is the file getting too large?
I use portsentry and denyhosts to block attacks and it is working
exceedingly well but there seems to be no end in sight. One night a
few weeks ago there were over 700 in 12 hours! I still get several a
day and the last few days attacks have increased again.
I have had a total of three known Aussie IP addresses (with reverse
DNS) and have contacted them promptly.
Kind Regards
--
Scott Middleton
Managing Director
Linux Consultants Pty Ltd t/as AssureTek
Email - Scott at assuretek.com.au
Phone - 1300 551 696
Mobile - 0400 212 724
More information about the plug
mailing list