Re: tightening ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tuesday 22 November 2005 2:14 am, Knute Johnson wrote:
> >What I did here for a while was run what amounts to a simple shell
> >script that grabbed the IP's of the attacking machines and stuffed
> >them into an IP-level filter against all traffic from that machine.
> >This still allowed the attacker to have 5-10 seconds of fun, but life
> >got really boring for them after that.
> >
> >-wolfgang
>
> I found an idea that uses the recent module of iptables.  Was easy to
> write and works really well.  The first connection gets through but
> fails because of the public/private key setup and the second
> connection is dropped.  I know that it uses some cpu time and that
> isn't a consideration on my machine with only one user but after two
> tries they go away.  Before I put the chains into iptables they would
> attack for as much as an hour or more.  I would guess that would use
> more cpu over time.
>
> Wolf:  Thanks again for the instructions on the p/p key setup.
>
> --
> Knute Johnson
> Molon Labe...
A while back there was discussion on the list about a script that 
monitored /var/messages and /var/secure and would write a rule to block an IP 
address after "x" number of attempts to log in.
I could not find the reference that I kept. You might try searching the list 
but the scripts were very good.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux