Recent Posts

block Tag

Webmin, Linux Firewall, and China

08:00 02 May in Firewall, Linux, Security, Thomas' Toolkit by Thomas

Here was the situation. Our server got hit by multiple login attempts from China about a week ago. Our security of course keeps these attempts from being successful, but the shear volume of attempts slowed us right down. After dealing with the immediate attempts to get in, and restoring service, I had to find a more permanent way of dealing with the attacks. Since the time of the attack, I've been reviewing access logs on a daily basis.  Access attempts continue, with 5-6 machines attempting 1000's of times each to get in, guessing usernames and passwords.  Over 85% of the attempts originate from China...