Attacks from 70.87.222.213
I have a massive burst of attacks from this IP which is apparently a linode in the early hours of June 6 before my system locked them out.
If you own the linode with this IP and you aren't doing this yourself, your system has been compromised.
3 Replies
Thanks,
-Tom
Also if you're running apache, suggest installing geoip module and block all the unwanted countries.
Just like any security measure - both of these will keep the script kiddies away and buy you some time during the premeditated attacks.
- G
@Scottso:
Did anyone else see a massive ssh brute force attack from 70.87.222.213?
I have a massive burst of attacks from this IP which is apparently a linode in the early hours of June 6 before my system locked them out.
If you own the linode with this IP and you aren't doing this yourself, your system has been compromised.