Recently, we’ve been getting hit by lots of SSH brute force attacks at HTG … and hit hard. The most recent stat was more than 2400 failed login attempts from over 50 unique attackers in a 24 hour period. Most times, I don’t care as long as they don’t get in … but then I sat back and thought, “Man, those fsckers are probably costing on bandwidth somehow.” and that’s where I draw the line.
So once again, Denyhosts is up and running, more than 60 hosts have been banned just today and more are going to get taken down. Now, if only I could come up with a good legal reason to just give my servers the capability to attack back … but that’s not legal … yet.