sshd - Invalid user ....

I've written a couple of entries about my anoyance and solving the issue with "Invalid user", after I started running my script it seams that there are 40 ipaddress which actually is causing this.

If you want to get ridge of this, then either run my script block_idiots_ssh.pl, or start by blocking the following ipaddresses:

136.201.107.1
137.99.10.239
165.138.251.222
195.167.202.196
198.104.137.241
200.62.142.213
202.222.18.60
202.64.210.245
203.86.84.113
210.230.64.24
210.73.128.152
211.189.26.30
211.21.128.186
211.45.120.112
211.75.4.188
213.146.166.240
213.80.105.8
213.93.189.51
216.20.244.22
217.160.170.220
218.37.89.50
218.41.93.138
219.140.167.51
220.130.245.91
220.95.232.114
220.95.232.216
222.208.171.133
24.202.99.204
24.4.255.24
59.120.171.146
61.195.159.211
61.246.1.251
62.108.199.156
62.141.35.40
69.211.157.105
69.50.225.230
80.23.97.194
80.28.216.105
82.224.162.170
83.220.130.10

By using iptables: # iptables -A INPUT -i <interface> -s IPADDRESS -p tcp --dport 22 -j DROP

Then you should hopefully see that you number of "Invalid user" entries in /var/log/secure will go down. If not start doing something active.

Comments

Popular posts from this blog

Apple AirPort Express and Digital Jitter..

EIZO Colornavigator - Data Access Error

Using Borg backup across SSH with sshkeys