Re: stopping ssh attacks

To: debian user <debian-user@lists.debian.org>
Subject: Re: stopping ssh attacks
From: michael <linux@networkingnewsletter.org.uk>
Date: Thu, 16 Jun 2005 15:10:02 +0100
Message-id: <[🔎] 1118931002.17626.45.camel@localhost.localdomain>
In-reply-to: <[🔎] 20050616140545.GF31281@tomass.dyndns.org>
References: <[🔎] 20050616140545.GF31281@tomass.dyndns.org>

On Thu, 2005-06-16 at 09:05 -0500, Thomas Stivers wrote:
> I have been getting a huge number of attempts to log into my box via ssh
> which fail with invalid username entrys in the logs. Is there already a
> package which will let me look through the logs and dynamically add
> iptables rules to drop anything from these scanning addresses after
> something like 3 attempts. I know I can set up hosts.allow and
> hosts.deny to only allow ssh in from particular ip's, but I'd rather not
> do that. Any suggestions would be appreciated.
> 


I set up sshd_config to use a different port. That stopped them (for
now...)

-- 
Michael Bane
Atmospheric Physics Group
University of Manchester

Reply to:

Follow-Ups:
- Re: stopping ssh attacks
  - From: Ugo Bellavance <ugob@camo-route.com>
- Re: stopping ssh attacks
  - From: Rogério Brito <rbrito@ime.usp.br>

References:
- stopping ssh attacks
  - From: Thomas Stivers <stivers_t@tomass.dyndns.org>

Prev by Date: stopping ssh attacks
Next by Date: can not save documents in my locale w/ openoffice.ord
Previous by thread: stopping ssh attacks
Next by thread: Re: stopping ssh attacks
Index(es):
- Date
- Thread