Brute-Force Dictionary Attack
If you are running an Apache web server there is some great advice over at Kevin van Zonnevelds TechBlog on how to block Brute Force Attacks with IPTables.
Here are the most recent IPs that have attacked my server:
China:
61-30-11-163.static.tfn.net.tw failed login attempts to account photos (system) — Large number of attempts from this IP: 61-30-11-163.static.tfn.net.tw 2009-05-28 02:07:18 2009-06-1 02:07:18
61.142.208.164 failed login attempts to account root (system) — Large number of attempts from this IP: 61.142.208.164 2009-05-28 20:08:00 2009-06-1 20:08:00
163.29.126.57 failed login attempts to account rpc (system) — Large number of attempts from this IP: 163.29.126.57 2009-05-31 17:42:10 2009-06-11 17:42:10
South America:
c9067b63.static.spo.virtua.com.br failed login attempts to account root (system) — Large number of attempts from this IP: c9067b63.static.spo.virtua.com.br 2009-06-01 20:13:13
US: University:
shhylab10.engin.umich.edu failed login attempts to account root (system) — Large number of attempts from this IP: shhylab10.engin.umich.edu 2009-05-28 14:00:36 2009-06-1 14:00:36
Until next time — Safe Surf!
Pages: 1 2
apache, attack, brute-force, dictionary, IPTables
2 Comments
Thanks for the post,
I use SoftFuse Password Generator http://www.password-generator.com to generate strong passwords as you suggested. PC Tools online generator is good, but I like this one very much.
Thanks for the link!