sshd[21381]: Invalid user guest from 203.251.250.132
sshd[21386]: Invalid user admin from 203.251.250.132
…
sshd[21386]: Invalid user admin from 203.251.250.132
…
That means someone try to hack your system. It must be a human or just a ‘bot’ (MS virus on computer somewhere in the internet).
There is some remedy is not explained good in the Internet.
First of all block all ssh incoming connections except yours own. Add this into your hosts.allow file:
sshd : 203.250.50.7 : allow
sshd : 127.0.0.1/255.0.0.0 : allow
sshd : 192.168.1.100/255.255.255.0 : allow
sshd : ALL : deny
sshd : 127.0.0.1/255.0.0.0 : allow
sshd : 192.168.1.100/255.255.255.0 : allow
sshd : ALL : deny
Into sshd_config:
PermitRootLogin no
AllowUsers yourusername
AllowUsers yourusername
Now we’ll think our system is secure ;-) enough and you will get for sshd only:
sshd[22005]: refused connect from 61.142.83.245
Take care and be smart!
No comments:
Post a Comment