[BlueOnyx:09068] has to be a better way
cwallace at wcnet.org
cwallace at wcnet.org
Thu Nov 17 13:52:35 -05 2011
i keep getting ppl tryin to hack my blueonyx server.
examples:
dovecot: pop3-login: Disconnected (auth failed, 1 attempts):
user=<aaron at go2ccc.net>, method=PLAIN, rip=86.122.172.81,
lip=192.168.1.10: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts):
user=<abby at go2ccc.net>, method=PLAIN, rip=86.122.172.81,
lip=192.168.1.10: 2 Time(s)
Refused Connections:
Service dovecot:
65.67.57.241: 916 Time(s)
74.39.186.2: 1018 Time(s)
86.122.172.81: 426 Time(s)
this is getting to be real bad and need to come up with a better solution
then iptables because it seems to slow the server down now with all the
ips i have in my block list
here is an example ip table command i use:
/sbin/iptables -A INPUT -s 65.67.57.241 -j DROP
pam doesnt seem to stop the flooding and when they get where it aproching
9000 times it brings blueonyx to a halt.
thanks in advance for any recomendation.
More information about the Blueonyx
mailing list