On Monday 24 October 2005 5:51 am, Tom Yates wrote: > On Mon, 24 Oct 2005, Stephanus Fengler wrote: > > I recently checked my log files of my ssh service (so far as I > > understand this is my only service open) and realized that from the very > > same IP I got a lot of request trying to guess a user name on my system, > > I assume. Since login name always changes in even chronological > > alphabetical order. > > > > So shell I worry about it or do I need to do some countermeasures? > > in case this is of any use to anyone, i've made a web page out of the > responses i got when i asked this question on a number of lists earlier > this year, plus the details of the solution i went for. > > it's not pretty yet, but the emails are up at > http://www.teaparty.net/technotes/ssh-rate-limiting.html. i'll make it > prettier, make the links usable, that sort of thing, as time permits. > hope it's useful to someone. > > > -- > > Tom Yates - http://www.teaparty.net I found the following article very helpful. Fairly easy to set up and has eliminated about 90% of these automatic scans. http://www.linux.com/article.pl?sid=05/09/15/1655234 Rich
