Re: How should I react to break in attempts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Apr 8, 2005 6:09 PM, Arthur Pemberton <dalive@xxxxxxxxxxxxx> wrote:
> This host is really tring it's best at sshd, there are many attempts to
> my sshd. Is it a good idea to just block that ip via iptables?
> 

Take a look at messages from earlier today (about 6 hours before I
posted this note) for messages with the subject line "Questions
concerning security log".

Brian Gaynor wrote a note with an excellent example of a way to
configure your firewall to automatically detect multiple SSH
connections, and automatically block them.

I also like the denyhosts application that Steve Joerger referred to
earlier, but since it has to run from cron, a lot of attempts can be
made to get into your SSH before the job runs and blocks the offender.



-- 

David
Registered Linux User 383030 (since everyone else was doing it 8-)
-----------------------------------------------------------------------
There are only 10 kinds of people in this world,
those who understand binary, and those who don't.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux