On Fri, 2016-01-15 at 16:37 -0500, Steve Matzura wrote: > My new fledgling server is being slammed, and I mean slammed like > Sandy slammed New York, by root login attacks from 59.46.71.36, > ShenYang, China. Of course, I don't allow root logins except from the > console or via ssh key pair, so I presume I'm safe that way, but I'd > sure like to cut down on the log churning of /var/log/auth.log, > particularly since it makes it harder to read that log to get the > stuff I need to know out of it. My router (Fios Quantum gateway) is > useless at blocking anything from the outside, so I've got to do it > internally. What are folks' favorite deny-hosts applications? I tried > installing DenyHosts, but it must be from a private repo because > whatever I have in sources couldn't find it. > > Thanks in advance. denyhosts only exists in oldoldstable, oldstable and unstable, so I guess it was dropped and then reintroduced? You could try fail2ban, it should be available in stable and testing as well. -- Cheers, Sven Arvidsson http://www.whiz.se PGP Key ID 6FAB5CD5
Attachment:
signature.asc
Description: This is a digitally signed message part