Re: param SSh

To: debian-user-french@lists.debian.org
Subject: Re: param SSh
From: Frédéric Badel <fred@never-mind.ch>
Date: Wed, 19 Apr 2006 09:08:15 +0200 (CEST)
Message-id: <[🔎] 31147.193.5.240.1.1145430495.squirrel@admin.wherever.cc>
In-reply-to: <[🔎] 1145391405.31352.23.camel@localhost.localdomain>
References: <[🔎] 6A796006919C404E886AADE527843F09039D5A@exc.abila2.net> <[🔎] 1145391405.31352.23.camel@localhost.localdomain>

>>
>> Je voudrais paramÃ©trer SSH pour rejecter une IP au bout dâ??un certain
>> nombre de tentativesâ?¦
>>
>> Je reÃ§ois des millier de logs de ce type :
>>
>>
>>
>> Illegal users from these:
>>
>>    00089/none from ::ffff:84.222.209.1: 1 Time(s)
>>
>>    Aaliyah/none from ::ffff:83.19.44.26: 1 Time(s)
>>
>>    Aaron/none from ::ffff:83.19.44.26: 1 Time(s)
>>
>>    Aba/none from ::ffff:83.19.44.26: 1 Time(s)
>>
>>    Abel/none from ::ffff:83.19.44.26: 1 Time(s)
>>
>>    DTM/none from ::ffff:84.222.209.1: 1 Time(s)
>>
>>    Exit/none from ::ffff:83.19.44.26: 1 Time(s)
>>
>>    Jewel/none from ::ffff:83.19.44.26: 1 Time(s)
>>
>>    Oleg/none from ::ffff:84.222.209.1: 1 etcâ?¦â?¦â?¦â?¦â?¦â?¦â?¦â?¦..
>>
>>    Etcâ?¦â?¦..
>>
>>
>>
>> Apparement je me fais bruteforcer J
>>

hello,

essaie fail2ban [http://packages.debian.org/testing/net/fail2ban]
il "surveille" les tentatives de login, est bloque (via iptables) les ip
après un certain nombre de tentative infructueuse ...

il n'est pas dans sarge, mais trés facile à "backporter" ...

hth

fred

Reply to:

References:
- param SSh
  - From: Cédric LE BRIS <c.lebris@aditu.fr>
- Re: param SSh
  - From: manioul <manioul@manioul.org>

Prev by Date: RE: compatibilité d'une baie de disques avec Debian
Next by Date: Re: Serveur Courier-smtp utilisé comme serveur de spam
Previous by thread: Re: param SSh
Next by thread: cd minimal avec une sid
Index(es):
- Date
- Thread