Re: SSH Blocking

To: debian-user@lists.debian.org
Subject: Re: SSH Blocking
From: Dennis Stosberg <lists@stosberg.net>
Date: Mon, 25 Apr 2005 17:57:15 +0200
Message-id: <[🔎] 200504251757.15941.lists@stosberg.net>
In-reply-to: <[🔎] 426D01F2.4000900@pressenter.com>
References: <[🔎] 426D01F2.4000900@pressenter.com>

Am Montag, 25. April 2005 16:42 schrieb Nick Miller:

>   I maintain a couple of exim mail servers on the Internet and I
> have noticed that a lot of people will try to gain access to
> these machines by trying multiple SSH logins with all sorts of
> names. I am wondering if there is an option in SSHD to block an
> IP after a certain amount of failed login attempts as any user?

If you use PAM, you may also have a look at pam_tally to reject all 
logins for some time after too many failed attempts.  Of course, 
the downside is that a legitimate user may not log in for one (or 
a few) minutes when his account is "under attack".


Regards,
Dennis

-- 
Send personal mail to dennis@... only.  Off-list 
mails to lists@stosberg.net will not reach me.

Reply to:

References:
- SSH Blocking
  - From: Nick Miller <nick@pressenter.com>

Prev by Date: Remove NetScape from my computer
Next by Date: Re: SSH Blocking
Previous by thread: Re: SSH Blocking
Next by thread: Re: SSH Blocking
Index(es):
- Date
- Thread