michael schurter

My Linode has been experiencing a huge number of brute force login attempts in the past week. I don’t keep detailed statistics, but I would guess there have been 300 attempts in the past week as opposed to the usual rate of about 500 attempts over 200 days (2-3 attempts per day).

Denyhosts has been doing its job perfectly. It should be illegal to run a Internet exposed SSH server without it or a similar tool.*

Thanks to HoopyCat in #linode for pointing me to a SANS Internet Storm Center article explaining the Summer of Hacks phenomenon.

* Unless of course you only accept key based logins.

Tags: denyhosts, hacking, linode, ssh

This entry was posted on Tuesday, May 13th, 2008 at 8:22 am and is filed under GNU/Linux, IT, Open Source, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.