Re: annoying brute force attack attempt using ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Scott van Looy wrote:
>
> So I ran
> iptables -A INPUT -s 193.239.125.119 -j DROP

This is likely a losing battle, as you'll never be able to keep adding
rules for individual IP's.

You can, however, configure iptables to *allow* only a specified list of
IP addresses (i.e., the ones you approve of).

You should also configure sshd to allow only a specified list of users.
man sshd_config for details.

If this is not manageable, take a look at denyhosts
(http://denyhosts.sourceforge.net/)

-- 
Tim Evans, TKEvans.com, Inc.    |   5 Chestnut Court
UNIX System Admin Consulting    |   Owings Mills, MD 21117
http://www.tkevans.com/         |   443-394-3864
http://www.come-here.com/News/  |   tkevans@xxxxxxxxxxx


-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux