Re: brute force ssh attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday 07 May 2005 02:09, P. Thompson wrote:
> On Wed, 4 May 2005, Daniel B. Thurman wrote:
> > Folks,
> >
> > Seems that I am getting daily brute-force ssl attacks --
> > Anything I can or should do?
>
> I wrote a little script that adds an iptables rule to drop the attacking
> ip address for an hour then remove the block.  An hour might be overkill,
> but they never come back from the same address.
>
> It does not block on false users from IP ranges I normally come in from so
> if I fat-finger my login I'm not screwed for an hour.
>
> I keep my sshd unblocked because I periodically ssh in from previously
> unknown quarters and want that flexibility.

Is there an easy way to manually block a specific IP? I would like to be able 
to block and unblock a couple of IPs when I seem fit, but since I am a 
begginer man iptables seems far too techy for me. Is there a recipe for this?

Also, are you willing to share your script with us (I guess I could learn from 
it)?

Best regards,
Marko


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux