[CentOS] SSH attacks from china

Sun Jul 26 11:01:39 UTC 2009
Lucian@lastdot.org <lucian at lastdot.org>

On Sat, Jul 25, 2009 at 6:40 PM, Sorin Srbu<sorin.srbu at orgfarm.uu.se> wrote:
>>-----Original Message-----
>>From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
>>Behalf Of Lucian at lastdot.org
>>Sent: Friday, July 24, 2009 1:09 PM
>>To: CentOS mailing list
>>Subject: Re: [CentOS] SSH attacks from china
>>
>>I banned all China and Korea in my gateway :) (not for all ports, only
>>for ssh & ftp).
>
> That's the simple solution, and one that has been argued (on the 'net
> generally) to be a very blunt tool at that.
>
> What if you have legit users from China and Korea trying to connect to your
> server(s)?
> --
> /Sorin

You can imagine I'd not banned CN if i knew I had legit users there.
So far no complaints from my clients.. and besides, I only blocked ssh
and ftp ports.. The chinese can still send me mail and browse my
websites. ..Thinking if i should ban them from pop3 and imap as well.

>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>