31 Dec
2011
31 Dec
'11
12:10 p.m.
On Sat, Dec 31, 2011 at 07:59:31AM +0100, Klaus Layer wrote:
within two days I received abuse complaints from my ISP that someone used my exit node to brute force ssh accounts of two different ISP. Unfortunately I am forced to block port 22 to avoid shutdown. Anyone else who suffered from such attacks these days?
We've seen some claims of port 22 attacks, as well. I think the rate has been fairly consistent over the last several months, though.
We send our standard explanation and offer of assistance (DNSBL, suggestions of how to rate-limit, reminders that it's the server's responsibility to secure their own systems).
-andy