Re: How can I block IP address range with sshd_config

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I had the same problem,
I deny any incoming connections from the offending IP pool on my firewall,
and that seems to work, I show the attempts on my firewall, but no logs on
my FC1 box.  ;-)

Don Dupy

FC1 - Kernel 2.4.22 - Dell Poweredge 600SC
http://www.maxxrad.net
email: fedora@xxxxxxxxxxx

On Tue, 27 Jul 2004, Alexander Dalloz wrote:

> Am Di, den 27.07.2004 schrieb Michael Sullivan um 18:12:
>
> > The kiddies using their script file to try to hack into my systems
> > through sshd using accounts guest and test tried again yesterday.  This
>
> [ ... ]
>
> > the nonexistent guest and test accounts.  The IP addresses they try to
> > log in from vary slightly, but for the most part I think the first three
> > octets are the same.  I looked through the man page for sshd_config for
> > a way to block their IP, but I couldn't find it.  Does anyone here know
> > how to do this?
>
> Using public key authentication you can restrict the key. See "man sshd"
> for from="pattern-list". If you use password authentication you can't
> restrict it within the sshd_config itself. I suggest you use iptables
> reject rule(s) instead to block SSH (port 22) access for suspicious nets
> - yes, I get this "hack attempts" for non existent account guest and
> test too - or you allow port 22 connects only for specific nets at all
> and let the rest reject.
>
> Alexander
>
>
> --
> Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
> Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp
> Serendipity 18:17:00 up 1 day, 3:23, load average: 0.36, 0.89, 0.98
>



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux