More with increase, I say … And with more imagination.

5 failed login attempts to account stealthsettings (system) — Large number of attempts from this IP: 66.111.33.91

5 failed login attempts to account ymvista (system) — Large number of attempts from this IP: 66.111.33.91

I still have one on various IPs, about 2-3 weeks. Try to break the server, using the users of Hostate sites. At least that's how he believes, like the names of the sites, you must also have a user on the server (id=0, possibly), and if you can with a password like birth.

Well, my dear, find out that at 5 failed attempts on sshd (If you know the user, and if accepted Uncluded logon via ssh key And without filtered IPs), the server performs ban / silence on IP, for a few minutes. Enough to block your password generating performance.

Two tips for you:

1. Nici un site (cont), does not have a user with Access SSH.

2. If you have the luck (one to a few billion) to pass the APF (Advanced Policy Firewall) and by my eye, I assure you that you will draw a mouthful of (BFD) Brute Force Detection.

root@server [~]# iptables -I INPUT -s 66.111.33.91 -j DROP
root@server [~]# service iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
root@server [~]#

Succes!

Ps. Other saints who have passed me, on July 27, 2009.

Logwatch

Failed logins from:
  60.220.224.103: 4 times
  121.254.228.21: 4 times
  124.125.155.201: 1 time
  124.247.222.243 (124-247-222-243.del.tulipconnect.com): 105 times
  211.137.183.246: 5 times

Illegal users from:
  60.220.224.103: 28 times
  121.254.228.21: 11 times
  124.247.222.243 (124-247-222-243.del.tulipconnect.com): 2335 times
  211.137.183.246: 36 times

Thanks,
Stealth Settings