>-----Original Message----- >From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On >Behalf Of Lucian at lastdot.org >Sent: Sunday, July 26, 2009 11:27 PM >To: CentOS mailing list >Subject: Re: [CentOS] SSH attacks from china > >Vietnam and Indonezia are also suspects in my list. >The biggest problem with this approach is that even tho I could ban >whole Asia and Russia, a significant part of the attacks do not >originate from there, but from countries like USA, UK, etc, controlled >by hackers (also) from the aforementioned areas... >The latest case of password breaking I had to deal with was from an >USA IP address.. they managed to insert an iframe in all index.html >and index.php files on the respective FTP account. The iframe however >was pointing to a .ru website hosted in France.. Isn't globalization >fun?! >Anyway, just banning ranges of IP addresses may not enough, so to rely >on this _only_ would be careless. Exactly, that was what I trying to get at! So you're not going to ban all ip addresses from the US I take it, since most spam, crapware, attacks and whatnot originate from there, as you point out? ;-) -- /Sorin -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5106 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20090729/fa4ae3d8/attachment-0005.bin>