Ntfu2
02-13-2007, 09:15 AM
The last two weeks or so, my servers been under "attack" by some moron trying to brute force his way in. APF is installed with BFD which automatically is banning the IP after a couple tries but i think its starting to adversly affect the server performance.
I've taken numerous security measure such as moving the SSH port, disabling telnet, strong password, and other little tweaks, but its to the point of being annoying.
Most are coming from places such as China, Korea, India, and some smaller countries, I really don't want to resort to blocking entire country IP's for the security of my servers, but its starting to get to the point where it may become necessary. A few were traced back to servers at a hosting firm in the US and i've emailed them some logs, and information for their security dept.'s to review.
Is there any other way to stop these attacks? Thanks
I've taken numerous security measure such as moving the SSH port, disabling telnet, strong password, and other little tweaks, but its to the point of being annoying.
Most are coming from places such as China, Korea, India, and some smaller countries, I really don't want to resort to blocking entire country IP's for the security of my servers, but its starting to get to the point where it may become necessary. A few were traced back to servers at a hosting firm in the US and i've emailed them some logs, and information for their security dept.'s to review.
Is there any other way to stop these attacks? Thanks