Brute Force Question

I have SSH running on default port (22) but i have the hosts.deny sshd deny all and the allow to the few shell accounts via IP.

From below is the person trying random ports to see if i just change the shhd port?


Jan 16 18:09:38 server01 sshd[18756]: Failed password for invalid user postgres
from 218.234.212.118 port 6689 ssh2
Jan 16 18:09:40 server01 sshd[18758]: Invalid user postgres from
218.234.212.118
Jan 16 18:09:42 server01 sshd[18758]: Failed password for invalid user postgres
from 218.234.212.118 port 9124 ssh2
Jan 16 18:09:44 server01 sshd[18760]: Invalid user postgres from
218.234.212.118
Jan 16 18:09:47 server01 sshd[18760]: Failed password for invalid user postgres
from 218.234.212.118 port 11646 ssh2
Jan 16 18:09:52 server01 sshd[18762]: Invalid user postgres from
218.234.212.118
Jan 16 18:09:54 server01 sshd[18762]: Failed password for invalid user postgres
from 218.234.212.118 port 14290 ssh2
Jan 16 18:09:57 server01 sshd[18764]: Invalid user postgres from
218.234.212.118
Jan 16 18:09:59 server01 sshd[18764]: Failed password for invalid user postgres
from 218.234.212.118 port 18390 ssh2

 

 

 

 

Top