We are in the process of migrating this forum. A new space will be available soon. We are sorry for the inconvenience.

Abuse notices


Kacotet
15-02-2013, 14:53
Ignore them. SSH is incredibly easy to lock down. You won't see any trash in the log files after you've changed the config.

PermitRootLogin no
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
PasswordAuthentication no

Myatu
15-02-2013, 04:01
Send an abuse notice to their uplink provider(s).

LawsHosting
15-02-2013, 01:09
I sent a few abuse complaints (smtp/pop3 hits), but 3 weeks later, still hitting us... All I do now is 'drop' the IPs.... Ofc, abuse departments must get thousands a day and can't respond personally, but still, after 3 weeks, you think you'd should see some action, right?

jonlewi5
14-02-2013, 16:22
Quick question,

iv got a few IP's constantly hitting ssh on one of my servers, iv fired off the fail2ban logs to the provider (not OVH) but nothing appears to be getting done.

Just wondering what others do in that situation?

Also, i think someone posted a script that automaticly fired off abuse notices from fail2ban to the abuse address listed in the whois of an address. anyone remember who posted it or where it was? im sure it was here, but i could be wrong.