Re: brute force ssh login attempts and how to Disrupt them

To: debian-user@lists.debian.org
Subject: Re: brute force ssh login attempts and how to Disrupt them
From: Hans du Plooy <koffiejunkielistlurker@koffiejunkie.za.net>
Date: Thu, 16 Nov 2006 23:26:34 +0200
Message-id: <[🔎] 1163712394.6949.9.camel@theluggage.hansdp.za.net>
Reply-to: koffiejunkielistlurker@koffiejunkie.za.net
In-reply-to: <[🔎] 200611161225.kAGCPxVH043531@dc.cis.okstate.edu>
References: <[🔎] 200611161225.kAGCPxVH043531@dc.cis.okstate.edu>

On Thu, 2006-11-16 at 06:25 -0600, Martin McCormick wrote:
> 	I haven't created anything similar for Linux yet or I
> would be happy to let folks try it out.

http://denyhosts.sourceforge.net/  Should sort it out.

In addition it's always a good idea to disable root login.  One one
server that was getting hit pretty hard with both dictionary and brute
force attacks, I even restricted login to one user (me) with key login.

If you ssh in from a static IP, you can always just put an iptable rule
in to allow ssh connections only from your IP.  Unfortunately I'm on
dynamic, so I can't do that.

Hans

Reply to:

Follow-Ups:
- Re: brute force ssh login attempts and how to Disrupt them
  - From: David Hart <debian@tonix.org>
- Re: brute force ssh login attempts and how to Disrupt them
  - From: Michelle Konzack <linux4michelle@freenet.de>

References:
- brute force ssh login attempts and how to Disrupt them
  - From: Martin McCormick <martin@dc.cis.okstate.edu>

Prev by Date: Re: emacs without documentation nonsense
Next by Date: Re: Need to remove a ghost file, but can't because it doesn't exist
Previous by thread: Re: brute force ssh login attempts and how to Disrupt them
Next by thread: Re: brute force ssh login attempts and how to Disrupt them
Index(es):
- Date
- Thread