RE: brute force ssh attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: RE: brute force ssh attack
From: "P. Thompson" <ptfedora@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 6 May 2005 21:09:40 -0500 (CDT)
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On Wed, 4 May 2005, Daniel B. Thurman wrote:

> Folks,
> 
> Seems that I am getting daily brute-force ssl attacks --
> Anything I can or should do?
> 

I wrote a little script that adds an iptables rule to drop the attacking 
ip address for an hour then remove the block.  An hour might be overkill, 
but they never come back from the same address.

It does not block on false users from IP ranges I normally come in from so 
if I fat-finger my login I'm not screwed for an hour.

I keep my sshd unblocked because I periodically ssh in from previously
unknown quarters and want that flexibility.

Follow-Ups:
- Re: brute force ssh attack
  - From: Marko Vojinovic

References:
- RE: brute force ssh attack
  - From: Daniel B. Thurman

Prev by Date: Re: yum update
Next by Date: Re: Installing FC3 to a USB HD requires a drivers disk or something similar?
Previous by thread: Re: brute force ssh attack
Next by thread: Re: brute force ssh attack
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]