Am Mo, den 09.05.2005 schrieb roland brouwers um 16:37: > Someone is attacking for a certain time on port SSH2 > He is trying to login as root and uses all kind of usernames. > See annexed textfile > > How can I block a user after x failed logins? This is already the case with the current FC3 OpenSSH, see "man sshd_config" -> MaxAuthTries. You may change the default value. Another way is to use pam_tally in /etc/pam.d/system-auth. There were many discussions about these SSH login attempts on this list. Please search the archive for suggestion been given (changing SSH port, denying root logins, ...). > Roland Brouwers Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp Serendipity 16:43:23 up 21:14, 18 users, 0.19, 0.12, 0.07
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
