New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Seems correct, if the idea is to block all ssh connections from 210.51.174.189 to the local machine.
If you are doing it on a VPS node to protect the customers, try -I FORWARD.
Augh, I knew that. That worked. Thanks for rebooting my brain
Change the SSH port as well, it at least helps to clear up the damn logs.
I guess this is about blocking a whole node with several machines from this IP
@DotVPS: yeah, one of our /24's was under fire.
That is strange, I have been under same attack at work too. The attacks were coming from 202.x.x.x something but many other IPs as well, argentina, china, etc.
Havent seen this for some time. Maybe other ppl as well and passes like "jen" are really used...
M
Very common, this happens always
That it is.. I only noticed it because that node was running at a higher load average than normal.
@DotVPS: ????
Ah! Thanks. I'm not seeing that one yet, but our IPs are on 69.x.x.x and 216.224.x.x, so they must not be far enough up the numbers
Yeah, if it is so massive, then it will cause you that issues, since most people runs SSH at the default 22
SSH scans are active as they hit 2 of my cPanel boxes but I'm loving the ZERO Wordpress spam since Ubiquity Servers pulled the plug from VirtualSRV
Is this thread about blocking IPs or Wordpress spam?