I wasn't sure where I could post this. Anyway, here we go... Here's a copy & paste from our security run output (just a part):
Aug 26 14:26:59 mysite sshd[81770]: Failed password for invalid user 1 from 211.21.170.138 port 34069 ssh2
Aug 26 14:27:05 mysite sshd[81829]: Failed password for invalid user a from 211.21.170.138 port 34162 ssh2
Aug 26 14:27:10 mysite sshd[81896]: Failed password for invalid user a from 211.21.170.138 port 34263 ssh2
Aug 26 14:27:16 mysite sshd[81955]: Failed password for invalid user abuse from 211.21.170.138 port 34361 ssh2
Aug 26 14:27:19 mysite sshd[82019]: Failed password for invalid user abuse from 211.21.170.138 port 34488 ssh2
Aug 26 14:27:22 mysite sshd[82054]: Failed password for invalid user abuse from 211.21.170.138 port 34563 ssh2
Aug 26 14:27:24 mysite sshd[82089]: Failed password for invalid user academia from 211.21.170.138 port 34637 ssh2
Aug 26 14:27:27 mysite sshd[82122]: Failed password for invalid user academia from 211.21.170.138 port 34709 ssh2
Aug 26 14:27:29 mysite sshd[82160]: Failed password for invalid user academia from 211.21.170.138 port 34787 ssh2
Aug 26 14:27:32 mysite sshd[82202]: Failed password for invalid user academic from 211.21.170.138 port 34881 ssh2
Aug 26 14:27:35 mysite sshd[82234]: Failed password for invalid user academic from 211.21.170.138 port 34964 ssh2
Aug 26 14:27:41 mysite sshd[82267]: Failed password for invalid user academic from 211.21.170.138 port 35042 ssh2
Aug 26 14:27:45 mysite sshd[82334]: Failed password for invalid user ada from 211.21.170.138 port 35150 ssh2
Aug 26 14:27:48 mysite sshd[82386]: Failed password for invalid user ada from 211.21.170.138 port 35240 ssh2
Aug 26 14:27:50 mysite sshd[82420]: Failed password for invalid user ada from 211.21.170.138 port 35323 ssh2
Aug 26 14:27:54 mysite sshd[82458]: Failed password for invalid user adams from 211.21.170.138 port 35398 ssh2
Aug 26 14:27:57 mysite sshd[82517]: Failed password for invalid user adams from 211.21.170.138 port 35501 ssh2
Aug 26 14:28:00 mysite sshd[82556]: Failed password for invalid user adams from 211.21.170.138 port 35586 ssh2
Aug 26 14:28:03 mysite sshd[82594]: Failed password for invalid user adating from 211.21.170.138 port 35660 ssh2
Aug 26 14:28:06 mysite sshd[82631]: Failed password for invalid user adating from 211.21.170.138 port 35749 ssh2
Aug 26 14:28:09 mysite sshd[82671]: Failed password for invalid user adating from 211.21.170.138 port 35843 ssh2
Aug 26 14:28:14 mysite sshd[82710]: Failed password for invalid user adm from 211.21.170.138 port 35956 ssh2
Aug 26 14:28:16 mysite sshd[82745]: Failed password for invalid user adm from 211.21.170.138 port 36053 ssh2
Aug 26 14:28:19 mysite sshd[82773]: Failed password for invalid user adm from 211.21.170.138 port 36125 ssh2
How can I block these attempts? Can I block an IP after so many login attempts? Help please! Thanks in advance!
[it.slashdot.org...]
for greater discussion. If your server software is up to date and you have strong passwords (i.e. don't use weak passwords like "test" or "admin" or "password" like some people do), you should be fine.
Someone wrote a script at:
[csc.liv.ac.uk...]
that says it'll block the attacks (I can't vouch for it, though, as I've not used it).
If you search Google for "SSH brute force", you'll find lots of other discussions.
(Of course, if an attacker is in a position to be able to guess user names with some degree of accuracy, it might be an idea to use only non-obvious user names. This is all "security through obscurity", mind you, i.e. no replacement for strong passwords and a proactive security policy, but every little helps.)
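
The per-IP counting asked about in the first post, as an added example that is not part of the thread or of the script linked above: it scans sshd lines in the format quoted in the question and reports each source address that reaches a threshold of failures within a time window. The threshold, the window, the placeholder year and the constructed last sample line are assumptions; handing the result to a firewall is left out.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Greedy user group plus the end anchor means the LAST "from <ip> port" on the
# line is taken, so a login name containing " from 203.0.113.9 port 1 ssh2"
# cannot get someone else's address flagged.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

def offenders(lines, threshold=5, window=timedelta(seconds=60), year=2000):
    """Map each source IP to the time it first had `threshold` failures inside `window`."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = FAILED.match(line.rstrip())
        if not m:
            continue
        # syslog lines carry no year; `year` is an assumed placeholder
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        seen = recent[m["ip"]]
        seen.append(ts)
        while ts - seen[0] > window:
            seen.popleft()
        if len(seen) >= threshold:
            flagged.setdefault(m["ip"], ts)
    return flagged

# First five lines quoted in the thread, then one constructed line whose
# user name tries to smuggle in a different address.
SAMPLE = """\
Aug 26 14:26:59 mysite sshd[81770]: Failed password for invalid user 1 from 211.21.170.138 port 34069 ssh2
Aug 26 14:27:05 mysite sshd[81829]: Failed password for invalid user a from 211.21.170.138 port 34162 ssh2
Aug 26 14:27:10 mysite sshd[81896]: Failed password for invalid user a from 211.21.170.138 port 34263 ssh2
Aug 26 14:27:16 mysite sshd[81955]: Failed password for invalid user abuse from 211.21.170.138 port 34361 ssh2
Aug 26 14:27:19 mysite sshd[82019]: Failed password for invalid user abuse from 211.21.170.138 port 34488 ssh2
Aug 26 14:27:21 mysite sshd[82040]: Failed password for invalid user x from 203.0.113.9 port 1 ssh2 from 211.21.170.138 port 34530 ssh2
""".splitlines()

if __name__ == "__main__":
    for ip, when in offenders(SAMPLE).items():
        print(ip, "reached the threshold at", when.time())
```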