[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: howto block ssh brute-force

## Felipe Figueiredo (philsf@ufrj.br):

> once in a while (say, every two weeks) I get a brute-force
> login/password scan attempt in my server (i.e., a single ip tries
> dictionary account names and passwords at random). SSH access is
> needed by many users, and  (RSA/DSA key)-only access is, at present
> time, unwanted. So far none such attempt was lucky (to my knowlege),
> but it always gives me creeps when I see unusually big logwatch
> reports, and my contacts to sysadmins of originating networks are
> usually ignored.
> Any ideas?

Have a look at pam_abl http://www.hexten.net/pam_abl/ .
And make sure your users have good passwords.


Spare Space

Reply to: