On Mon, Sep 03, 2007 at 11:40:07PM -0400, John Kelly wrote:
> I stop brute force attacks by sending auth log messages to a FIFO which I
> read with a perl script. After 10 login failures, your IP is firewalled for
> 24 hours.

I have a rate-limiting iptables ruleset for SSH (and HTTP). In my experience, brute force attackers give up after the rate-limiter starts tarpitting them. See http://antti-juhani.kaijanaho.fi/stuff/ratelimit.txt

- Antti-Juhani Kaijanaho, Jyväskylä
http://antti-juhani.kaijanaho.fi/newblog/
http://www.flickr.com/photos/antti-juhani/
Attachment:
signature.asc
Description: Digital signature
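
The log-driven blocking described in the quoted message (10 login failures, then a 24-hour firewall entry), sketched as an added example; it is not code from either poster or from ratelimit.txt. The names `FailureTracker` and `replay`, the OpenSSH log line shape, and restarting the count after a block are assumptions, and the actual firewall call is left to the caller.

```python
import re

# Assumed OpenSSH line shape. sshd writes "from IP port N ssh2" last, so the greedy
# .* and the $ anchor keep a crafted user name containing " from " out of the capture.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")
MAX_FAILURES = 10            # threshold stated in the post
BLOCK_SECONDS = 24 * 3600    # block duration stated in the post

class FailureTracker:
    def __init__(self):
        self.failures = {}   # ip -> failures seen since the last block
        self.blocked = {}    # ip -> epoch time at which the block expires

    def expire(self, now):
        """Drop blocks whose 24 hours have passed; return the released IPs."""
        released = [ip for ip, until in self.blocked.items() if until <= now]
        for ip in released:
            del self.blocked[ip]
        return released

    def observe(self, line, now):
        """Feed one log line; return the IP to firewall now, or None."""
        self.expire(now)
        m = FAILED.search(line)
        if not m or m.group(1) in self.blocked:
            return None      # not a failure, or source already firewalled
        ip = m.group(1)
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] < MAX_FAILURES:
            return None
        del self.failures[ip]   # assumption: the count restarts after a block
        self.blocked[ip] = now + BLOCK_SECONDS
        return ip

def replay(lines, start=0, step=1):
    """Feed lines to a fresh tracker, one every `step` seconds."""
    tracker, hits = FailureTracker(), []
    for i, line in enumerate(lines):
        ip = tracker.observe(line, start + i * step)
        if ip:
            hits.append(ip)
    return tracker, hits

# Constructed sample input (documentation addresses, not real log data).
FAIL = "Sep  3 23:40:07 host sshd[411]: Failed password for invalid user admin from {} port 4242 ssh2"
SAMPLE = [FAIL.format("192.0.2.10")] * 11 + [
    FAIL.format("203.0.113.5"),
    "Sep  3 23:41:00 host sshd[412]: Accepted password for alice from 198.51.100.7 port 5000 ssh2",
]
```

In a FIFO reader, `observe` would be called once per line read with the current time, and the returned address handed to whatever inserts the firewall rule.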