On Fri, Jun 19, 2009, Cisco-Education wrote:
Dear All,
I have the following setup running perfectly OK for a long time
CentOS release 5 (Final) sendmail-8.13.8-2.el5 MailScanner 4.76.25 bind-9.3.4-6.0.3.P1.el5_2
now i jus setup a centos box running BackupPC for backing up my my above mail server using ssh as per the instructions in backup pc site i had to enable sshd so i did it and everthing works perfect and backup works great as per my requirement
but i notice that when i do a
tail -f /var/log/secure
i see the followin very often
[Normal log stuff from dictionary attack deleted...]
This is common, and, presuming you have good passwords or only accept authorized_keys, not a real problem other than large log files.
Look at fail2ban for a method that will automatically add iptables blocks when this occurs.
Bill