SSH brute force China and Linux: best practices

Bazy bazy84 at
Sat Jan 30 10:22:37 UTC 2010

On Sat, Jan 30, 2010 at 6:47 AM, Bobby Mac <bobbyjim at> wrote:
> Hola Nanog:
> So after many years of a hiatus from Linux,  I recently dropped XP in favour
> of Fedora.  Now that my happy windows blinders are off, I see alarming
> things.  Ugly ssh brute force, DNS server IP spoofing with scans and typical
> script kiddie tactics.
> What are the new set of best practices for those running a NIX home
> computer.  Yes I have a firewall and I do peruse my logs on a regular
> basis.
> BTW: ever drop a malformed  URL to alert an admin to some thing that sucks?
> or
> Thanks,
> BobbyMac

Hello Bobby,

Take a look at and I'm not Chinese but I'm sure that
brute-force attacks come from all over the world. Here's a little from
my logwatch.

Refused incoming connections: ( 1 Time(s) ( 1 Time(s) ( 2 Time(s) ( 5 Time(s) ( 1 Time(s)


More information about the NANOG mailing list