Am Di, den 27.07.2004 schrieb Michael Sullivan um 18:12: > The kiddies using their script file to try to hack into my systems > through sshd using accounts guest and test tried again yesterday. This [ ... ] > the nonexistent guest and test accounts. The IP addresses they try to > log in from vary slightly, but for the most part I think the first three > octets are the same. I looked through the man page for sshd_config for > a way to block their IP, but I couldn't find it. Does anyone here know > how to do this? Using public key authentication you can restrict the key. See "man sshd" for from="pattern-list". If you use password authentication you can't restrict it within the sshd_config itself. I suggest you use iptables reject rule(s) instead to block SSH (port 22) access for suspicious nets - yes, I get this "hack attempts" for non existent account guest and test too - or you allow port 22 connects only for specific nets at all and let the rest reject. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp Serendipity 18:17:00 up 1 day, 3:23, load average: 0.36, 0.89, 0.98
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
