On 18 sept. 2004, at 14:18, Willem Jan Withagen wrote: > Hi, > > Is there a security problem with ssh that I've missed??? > Ik keep getting these hords of: Failed password for root from > 69.242.5.195 port 39239 ssh2 > with all kinds of different source addresses. > > They have a shot or 15 and then they are of again, but a little later > on they're back and keep clogging my logs. > Is there a "easy" way of getting these ip-numbers added to the > blocking-list of ipfw?? not a ssh related problem, it's just a brute force attack, I'm experiencing this on every servers I have, more than 10 times a day. I'm really thinking about releasing the list of attackers IP to the public. As far as I know, it's a pack of compromised machines. patpro _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"