Hi All,
I received several ssh attacks over the past week, and wonder how, if at all, to deal with them.
Are they just script kiddies?
One address resolves to 'server.pamperedpawsdogboutique.com', a domain registered with godaddy. Do I contact godaddy? This attack did not start until 7pm on a Friday...
I might create a blacklist of IP addresses... for example, to filter /var/log/auth.log into /etc/hosts.deny... (but that might grow too large)
Or if I have confidence that my passwords are secure, do I simply ignore them as a fact of life?
My aim here is to do productive work, not to fart around with nuisances.
Any help appreciated!
Cheers,
Max