[development] Fully patched site hacked and cloaked
Jason A. Nunnelley
jason at jasonn.com
Wed Jan 27 19:11:10 UTC 2010
On Wed, Jan 27, 2010 at 1:03 PM, Domenic Santangelo <domenics at gmail.com>
wrote:
> I'm hearing some complicated attack vectors being tossed around in here
(password sniffing, mitm, etc) -- don't forget about a pretty simple one:
dictionary attacks. I recently took over a project for a small-medium sized
client and upon looking at the secure log noticed 50k+/day dictionary
attacks against SSH. I installed fail2ban and now get 5-6 emails daily about
brute-force hack attempts.
Just wonder why you don't simply block attempts beyond 5 or 10.
--
Jason A. Nunnelley
----------------------------------------
http://www.jasonn.com
http://www.tekany.com
+1 256 297 1652
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20100127/665fdbba/attachment.html
More information about the development
mailing list