Re: SSH Blocking
Am Montag, 25. April 2005 16:42 schrieb Nick Miller:
> I maintain a couple of exim mail servers on the Internet and I
> have noticed that a lot of people will try to gain access to
> these machines by trying multiple SSH logins with all sorts of
> names. I am wondering if there is an option in SSHD to block an
> IP after a certain amount of failed login attempts as any user?
If you use PAM, you may also have a look at pam_tally to reject all
logins for some time after too many failed attempts. Of course,
the downside is that a legitimate user may not log in for one (or
a few) minutes when his account is "under attack".
Regards,
Dennis
--
Send personal mail to dennis@... only. Off-list
mails to lists@stosberg.net will not reach me.
Reply to: