oleksandr korneta wrote:
on 11/19/2005 07:47 AM Claude Jones wrote:
I've been reading up, and talking up, various security strategies.
One thing that is striking to me in looking at logs for my servers
are the endless ssh probes that go on. It appears to be one of the
most common. Up till recently,
http://denyhosts.sourceforge.net/
<quote>
DenyHosts is a script intended to be run by Linux system
administrators to help thwart ssh server attacks.
If you've ever looked at your ssh log (/var/log/secure on Redhat,
/var/log/auth.log on Mandrake, etc...) you may be alarmed to see how
many hackers attempted to gain access to your server. Hopefully, none
of them were successful (but then again, how would you know?).
Wouldn't it be better to automatically prevent that attacker from
continuing to gain entry into your system?
</quote>
I'm using it for couple months. Simple installation, couple minutes
for modification of config file and it works like a charm.
I was just running through the responses to this thread to see if anyone
had suggested this application.
Granted it is a defense which is somewhat "after the fact" but it does
and has blocked quite a number of onslaughts on servers i maintain -
having noted almost 200 attacks on one particular server since
installation a couple of months ago.
I too am interested in finding other ways to protect rather than defend.
--
*Trevor "TeC" Christian*
/TeC Productions Studios/
Cell #: (767) 225 4472
IM
MSN: trevorc98@xxxxxxxxxxx / trevor@xxxxxxxxxxxxxxxxx
YM : trevorc01@xxxxxxxxx
AIM: DoubleOTeC
GoogleTalk: doubleOTeC@xxxxxxxxx
------------------------------------------------------------------------
Home Page <http://trevor.bouyon.dalive.com/>
Curriculum Vitae <http://bouyon.dalive.com/cv/>
Dalive Market <http://www.dalivemarket.com/>
