Re: failed root login attempts

To: debian-security@lists.debian.org
Subject: Re: failed root login attempts
From: SZALAY Attila <mrwas@cdata.hu>
Date: Sun, 19 Sep 2004 20:45:03 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.58.0409192043210.16769@nelson.cdata.hu>
In-reply-to: <[🔎] 20040919184208.GI3038@panoptic.com>
References: <[🔎] 20040919183057.GA22093@cirrus.madduck.net> <[🔎] 20040919184208.GI3038@panoptic.com>

On Sun, 19 Sep 2004, Dossy Shiobara wrote:
> On 2004.09.19, martin f krafft <madduck@madduck.net> wrote:
> > Other than blacklisting the IPs (which is a race I am going to
> > lose),
> Why do you say that?  I haven't seen this more than a few times a week
> so I haven't bothered to do anything yet, but I'm very close to writing
> a script that tail's the syslog and on more than X repeat failures,
> add a rule to iptables -j DROP traffic from the offending IP address.
>
> If I'm feeling nice, I'll keep a list of the IPs that have been
> temporarily blacklisted with a timestamp of when they were added, and
> expire them after X time has passed ...
why don't you create host based access controls?
or use only public key authentication?

I'm using that for a few years without any problems...

ByeZ,
WaS

Reply to:

References:
- failed root login attempts
  - From: martin f krafft <madduck@madduck.net>
- Re: failed root login attempts
  - From: Dossy Shiobara <dossy@panoptic.com>

Prev by Date: Re: failed root login attempts
Next by Date: Re: failed root login attempts
Previous by thread: Re: failed root login attempts
Next by thread: Re: failed root login attempts
Index(es):
- Date
- Thread