Bad SSH and FTP attempts

This is a manually generated list of all hosts that have tried to hack my machine via bruteforce. Both SSHd (port 22) and FTPd (port 21) are shown here. Any access after a few tries to allow for typos is counted towards illegal access. These attacks are extremely annoying and I do wish they stopped. I will see to it that your ISP gets notified when I see the attempts. Don't be surprised if your network connection disappears if you make it to this list. And I don't care if you were hacked or not, it's up to you to make sure your machine is not a zombie. Thank Bill Gates and Microsoft for no general public code audits. Thank yourself for not auditing your machine if you made it onto this list. If you wish for me to remove a specific entry, please email 'blc+ssh' at this host's mail server (mail.vanade.com) and give me proof that your machine is cleaned of all trojans and no longer vulnerable to attack. Note: hosts that have a forward and reverse DNS mismatch will require a DNS fix to be included in their audit.

To avoid useless search engine crawler entries, you may specify the option id=ipaddr to this script to obtain the logfiles associated with this IP address. You can also specify link to make this script make links for each entry. If you're curious about country breakdown, try specifying country. Currently China loses the most, then the USA, and Korea is quickly catching up. Also, I have to say the US Educational system seems to have mostly kept their networks clean, three cheers for those admins to keep that up.

howto

I don't auto-remove entries - these were from when I started keeping track of these attempts.

You may wonder why I post this here? Could this list be exploited? Why yes! I hope that perhaps another botnet master finds that host and breaks into it too. And hopefully they will have enough conflicting software to cause that machine to crash or become painfully obvious that it has been compromised. My goal is to have as many zombie bots removed from the network as I can, and if someone double hacks the machine and brings it to its knees... well, at least it's off the net.

Note: machines may continue to try to bruteforce my machine after the logfiles shown here. I filter out these addresses after seeing them, so they may appear to stop. At some later date I'll include subsequent attempts.

Look into the package 'Fail2ban' if you want some automated protection system. I'm just manually doing it to my hosts.deny and iptables.
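The manual process described on this page (count failed logins per host, allow a few tries for typos, then add the host to hosts.deny) can be sketched as follows. This is an added example, not the script behind this page: the log lines are constructed, the threshold of 3 is an assumed value for "a few tries", and the vsftpd-style FTP log format and daemon name are assumptions about the FTP server.

```python
import re
from collections import Counter

# Constructed sample log (documentation-only addresses), not taken from this page.
SAMPLE_LOG = "\n".join(
    ["Jan 10 03:14:01 host sshd[811]: Failed password for invalid user admin "
     "from 203.0.113.7 port 40112 ssh2"] * 5
    + ["Jan 10 09:02:10 host sshd[902]: Failed password for alice "
       "from 198.51.100.23 port 51514 ssh2"] * 2
    + ["Jan 10 09:02:31 host sshd[902]: Accepted password for alice "
       "from 198.51.100.23 port 51514 ssh2"]
    + ['Tue Jan 10 03:20:11 2006 [pid 2101] [admin] FAIL LOGIN: Client "192.0.2.44"'] * 4
)

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
PATTERNS = {
    # Greedy ".*" plus the end-of-line anchor makes the match use the address
    # sshd itself appended, so text inside the username field cannot be
    # mistaken for the source address.
    "sshd": re.compile(r"sshd\[\d+\]: Failed password for .* from " + IPV4 + r" port \d+ ssh2$"),
    # Assumed vsftpd-style failure line; adjust for the FTP daemon in use.
    "ftp": re.compile(r'FAIL LOGIN: Client "' + IPV4 + r'"$'),
}

def count_failures(log_text):
    """Count failed logins per (service, source address)."""
    counts = Counter()
    for line in log_text.splitlines():
        for service, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                counts[(service, match.group(1))] += 1
                break
    return counts

def offenders(counts, allowed_typos=3):
    """Hosts with more failures than the typo allowance (assumed: 3)."""
    return sorted(key for key, n in counts.items() if n > allowed_typos)

def hosts_deny_lines(offender_keys):
    """Render TCP wrappers entries; the daemon names are assumptions."""
    daemon = {"sshd": "sshd", "ftp": "vsftpd"}
    return [f"{daemon[service]}: {ip}" for service, ip in offender_keys]

if __name__ == "__main__":
    print("\n".join(hosts_deny_lines(offenders(count_failures(SAMPLE_LOG)))))
```

The host with two failures followed by a successful login stays off the list, which is the typo allowance at work.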


This has been discontinued for now.