Re: howto block ssh brute-force

To: philsf79@gmail.com
Cc: debian-security@lists.debian.org
Subject: Re: howto block ssh brute-force
From: Laurent Fousse <laurent@cabal.lateralis.org>
Date: Sun, 12 Mar 2006 10:32:55 +0100
Message-id: <[🔎] 20060312093255.GA32142@cabal.lateralis.org>
In-reply-to: <[🔎] 385d1e010603112350g5c11a3b1ha21ed67f5e6e7e63@mail.gmail.com>
References: <[🔎] 385d1e010603112350g5c11a3b1ha21ed67f5e6e7e63@mail.gmail.com>

Hello,

* Felipe Figueiredo [Sun, Mar 12, 2006 at 04:50:51AM -0300]:
> once in a while (say, every two weeks) I get a brute-force
> login/password scan attempt in my server (i.e., a single ip tries
> dictionary account names and passwords at random). SSH access is
> needed by many users, and  (RSA/DSA key)-only access is, at present
> time, unwanted. So far none such attempt was lucky (to my knowlege),
> but it always gives me creeps when I see unusually big logwatch
> reports, and my contacts to sysadmins of originating networks are
> usually ignored.

I suggest the package `fail2ban'.

Reply to:

References:
- howto block ssh brute-force
  - From: "Felipe Figueiredo" <philsf@ufrj.br>

Prev by Date: Re: howto block ssh brute-force
Next by Date: Re: howto block ssh brute-force
Previous by thread: Re: howto block ssh brute-force
Next by thread: Re: howto block ssh brute-force
Index(es):
- Date
- Thread