Hi,
reading my logs I get to know that my node is under
brute force attacks over ssh.
Many connections refused upon wrong username and password.
In my Linux system, this is reported in /var/log/auth.log:
… sshd[23240]: Invalid user webadmin from 91.197.232.109
… sshd[23240]: input_userauth_request: invalid user webadmin [preauth]
… sshd[23240]: error: Could not get shadow information for NOUSER
… sshd[23240]: Failed password for invalid user webadmin from 91.197.232.109 port 34751 ssh2
… sshd[23234]: reverse mapping checking getaddrinfo for hostby.planet-telecom.eu [91.197.232.109] failed - POSSIBLE BREAK-IN ATTEMPT!
Does someone already addressed this problem?