On 1/26/06, John Summerfied <debian@xxxxxxxxxxxxxxxxxxxxxx> wrote:
Are there any benifits of doing this as opposed to changing the port used for ssh?Steven J Lamb wrote:
> I am trying to create a script to block people using hosts.deny. I
> realize that I should just block everyone and then open access for those
> whom I know I trust but because of the nature of our network this is not
> possible. basically I check log files for login attempts every five
> minutes and block those that attempt to log in more than 3 times that
> day.
This is too late. An automated attack may well be completed in this
window of time.
Instead, use another port as a door-knock: when someone tries to connect
to <some port>, then allow connexions to ssh for a short time.
--
As a boy I jumped through Windows, as a man I play with Penguins.
