[plug] hosts.deny over 6000 entries

Ritchie Young ritchiey at gmail.com
Thu Oct 29 21:27:14 WST 2009


I'm not aware of it. Admittedly I don't run an Internet accessible server
but I couldn't find anything about it on Google news so it doesn't seem to
be in the mainstream media.

For some reason (maybe related) I'm unable to access slashdot.org and
github.com HTTP access is patchy. Strangely, git over ssh to github has been
fine.

I'd be interested to know what's going on.

/Ritchie

On Thu, Oct 29, 2009 at 7:38 PM, Scott Middleton <scott at assuretek.com.au>wrote:

> Hi PLUGgers
>
> I assume a lot of you know about the concerted worldwide attack of ssh
> over the last few weeks.
>
> My hosts.deny on my colo is now over 6000 long.
>
> My question is: at what point is the file getting too large?
>
> I use portsentry and denyhosts to block attacks and it is working
> exceedingly well but there seems to be no end in sight. One night a
> few weeks ago there were over 700 in 12 hours! I still get several a
> day and  the last few days attacks have increased again.
>
> I have had a total of three known Aussie IP addresses (with reverse
> DNS) and have contacted them promptly.
>
> Kind Regards
>
> --
> Scott Middleton
> Managing Director
> Linux Consultants Pty Ltd t/as AssureTek
> Email - Scott at assuretek.com.au
> Phone - 1300 551 696
> Mobile - 0400 212 724
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20091029/c4e254d2/attachment.html>


More information about the plug mailing list