Re: how to react on ssh attacks?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 24 October 2005 5:51 am, Tom Yates wrote:
> On Mon, 24 Oct 2005, Stephanus Fengler wrote:
> > I recently checked my log files of my ssh service (so far as I
> > understand this is my only service open) and realized that from the very
> > same IP I got a lot of request trying to guess a user name on my system,
> > I assume. Since login name always changes in even chronological
> > alphabetical order.
> >
> > So shell I worry about it or do I need to do some countermeasures?
>
> in case this is of any use to anyone, i've made a web page out of the
> responses i got when i asked this question on a number of lists earlier
> this year, plus the details of the solution i went for.
>
> it's not pretty yet, but the emails are up at
> http://www.teaparty.net/technotes/ssh-rate-limiting.html.  i'll make it
> prettier, make the links usable, that sort of thing, as time permits.
> hope it's useful to someone.
>
>
> --
>
>    Tom Yates  -  http://www.teaparty.net


I found the following article very helpful.  Fairly easy to set up and has 
eliminated about 90% of these automatic scans.

http://www.linux.com/article.pl?sid=05/09/15/1655234

Rich


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux