On Apr 8, 2005 6:09 PM, Arthur Pemberton <dalive@xxxxxxxxxxxxx> wrote: > This host is really tring it's best at sshd, there are many attempts to > my sshd. Is it a good idea to just block that ip via iptables? > Take a look at messages from earlier today (about 6 hours before I posted this note) for messages with the subject line "Questions concerning security log". Brian Gaynor wrote a note with an excellent example of a way to configure your firewall to automatically detect multiple SSH connections, and automatically block them. I also like the denyhosts application that Steve Joerger referred to earlier, but since it has to run from cron, a lot of attempts can be made to get into your SSH before the job runs and blocks the offender. -- David Registered Linux User 383030 (since everyone else was doing it 8-) ----------------------------------------------------------------------- There are only 10 kinds of people in this world, those who understand binary, and those who don't.
