on 11/19/2005 07:47 AM Claude Jones wrote:
I've been reading up, and talking up, various security strategies. One thing
that is striking to me in looking at logs for my servers are the endless ssh
probes that go on. It appears to be one of the most common. Up till recently,
http://denyhosts.sourceforge.net/
<quote>
DenyHosts is a script intended to be run by Linux system administrators
to help thwart ssh server attacks.
If you've ever looked at your ssh log (/var/log/secure on Redhat,
/var/log/auth.log on Mandrake, etc...) you may be alarmed to see how
many hackers attempted to gain access to your server. Hopefully, none of
them were successful (but then again, how would you know?). Wouldn't it
be better to automatically prevent that attacker from continuing to gain
entry into your system?
</quote>
I'm using it for couple months. Simple installation, couple minutes for
modification of config file and it works like a charm.
--
regards,
Oleksandr Korneta
