Hello all.
I'm using openatv 4.2 image on my vu+ solo2. When i look at messages in /var/log/ I have A LOT of these lines from different ip's:
Nov 3 14:04:53 vusolo2 authpriv.notice login[3295]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/pts/2 ruser= rhost= user=root
Nov 3 14:04:53 vusolo2 authpriv.notice login[3290]: FAILED LOGIN (1) on '/dev/pts/0' from '[::ffff:89.215.187.114]:43645' FOR 'UNKNOWN', Authentication failure
Nov 3 14:04:53 vusolo2 authpriv.notice login[3297]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/pts/3 ruser= rhost= user=root
Nov 3 14:04:51 vusolo2 authpriv.notice login[3283]: FAILED LOGIN (1) on '/dev/pts/4' from '[::ffff:109.197.186.206]:55841' FOR 'UNKNOWN', Authentication failure
Nov 3 14:04:51 vusolo2 authpriv.warn login[3290]: pam_unix(login:auth): check pass; user unknown
Nov 3 14:04:51 vusolo2 authpriv.notice login[3290]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/pts/0 ruser= rhost=
Nov 3 14:04:51 vusolo2 authpriv.notice login[3285]: FAILED LOGIN (1) on '/dev/pts/9' from '[::ffff:46.1.160.91]:40774' FOR 'root', Authentication failure
Nov 3 14:04:52 vusolo2 authpriv.notice login[3288]: FAILED LOGIN (1) on '/dev/pts/5' from '[::ffff:171.83.249.195]:51465' FOR 'root', Authentication failure
Nov 3 14:04:52 vusolo2 authpriv.notice login[3293]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/pts/7 ruser= rhost= user=root
I know that they don't get access, but does anybody know how to auto ban these ip's? i'm just thinking that it use some bandwidth with all these attempts.