Limiting ssh scans

To: debian-user@lists.debian.org
Subject: Limiting ssh scans
From: Bill Wohler <wohler@newt.com>
Date: Tue, 10 May 2005 21:56:12 -0700
Message-id: <[🔎] 19888.1115787372@olgas.newt.com>

What sort of precautions have folks taken against ssh scanners?

I think I'd like to deny an IP address access to my ssh daemon (or my
entire network for that matter) for 24 hours if upon the third incorrect
login, or something like that. a scumbag at a particular IP address
fails 3.

Are there ssh, PAM, or shorewall settings I could leverage? Other tools?

A Google search was unfulfilling and not relevant with my Debian system. 

-- 
Bill Wohler <wohler@newt.com>  http://www.newt.com/wohler/  GnuPG ID:610BD9AD
Maintainer of comp.mail.mh FAQ and MH-E. Vote Libertarian!
If you're passed on the right, you're in the wrong lane.

Reply to:

Follow-Ups:
- Re: Limiting ssh scans
  - From: Dennis Stosberg <lists@stosberg.net>
- Re: Limiting ssh scans
  - From: Paul Johnson <baloo@ursine.ca>
- Re: Limiting ssh scans
  - From: "s. keeling" <keeling@spots.ab.ca>

Prev by Date: Re: spyware
Next by Date: Re: OT Firefox security leak: bogus or genuine?
Previous by thread: Re: spyware
Next by thread: Re: Limiting ssh scans
Index(es):
- Date
- Thread