Re: SSH Blocking
Nick Miller <nick@pressenter.com> writes:
> I maintain a couple of exim mail servers on the Internet and I have
> noticed that a lot of people will try to gain access to these machines
> by trying multiple SSH logins with all sorts of names. I am wondering
> if there is an option in SSHD to block an IP after a certain amount of
> failed login attempts as any user?
There was a recent discussion about this on the Norwegian Linux
newsgroup. There is a recent module for iptables called 'recent' you
can use to dynamically block attempts like this. Google for iptables
and recent
--
John L. Fjellstad
web: http://www.fjellstad.org/ Quis custodiet ipsos custodes
Reply to: