I run a home server, mostly isolated network services, but a few external stuff forwarded by my router, such as ssh, which enables me to establish a ssh tunnel to access my home network.
Just out of boredom, I looked at the security logs and found TONS of invalid logon attempts from an IP address (222.122.56.141) which is in korea. Now I doubt they have laws against hacking, so contacting their abuse department probably wont do anything, and they probably wont understand my English though I could use an online translator...
My setup is secure, as far as I know. one single user is allowed to log in, and must then su as root. so he can brute force that all he wants but he wont get in even with a valid password.
So from a legal standpoint, as well as a security standpoint, what are the best things I can do right now? I'm not scared... yet, since a simple brute force wont get him in, but if I'm being targeted out of determination, for some reason or the other, it might grow to being a more sophisticated attack.
Just out of boredom, I looked at the security logs and found TONS of invalid logon attempts from an IP address (222.122.56.141) which is in korea. Now I doubt they have laws against hacking, so contacting their abuse department probably wont do anything, and they probably wont understand my English though I could use an online translator...
My setup is secure, as far as I know. one single user is allowed to log in, and must then su as root. so he can brute force that all he wants but he wont get in even with a valid password.
So from a legal standpoint, as well as a security standpoint, what are the best things I can do right now? I'm not scared... yet, since a simple brute force wont get him in, but if I'm being targeted out of determination, for some reason or the other, it might grow to being a more sophisticated attack.
Facebook
Twitter