On Sun, 8 Feb 2015 12:41:56 -0500, hansel <[log in to unmask]> wrote:
>I accept it as normal many (upwards of several thousand) daily root
>breaking attempts. My defense is careful sshd configuration and
>restrictive incoming router firewall.
>
>Does anyone mantain a database of consistently offending sites (maybe a
>news source, such as politico or propublica)? Initial use of whois and dig
>for a few returned familiar countries of origin, coutries that may
>encourage or even sponsor some attempts.
>
>I searched the archive for "breakin" and "failed" with an without subject
>line qualifiers (like "root") and found nothing.
>
>Thank you.
>mark hansel
>=========================================================================
Do you know about http://www.dshield.org ? They collect reports of
attempted ssh connections, among other things.
Stephen Isard