Re: annoying brute force attack attempt using ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gerry Doris wrote:


Tim Evans wrote:
Scott van Looy wrote:
So I ran
iptables -A INPUT -s 193.239.125.119 -j DROP

This is likely a losing battle, as you'll never be able to keep adding
rules for individual IP's.

You can, however, configure iptables to *allow* only a specified list of
IP addresses (i.e., the ones you approve of).

You should also configure sshd to allow only a specified list of users.
man sshd_config for details.

If this is not manageable, take a look at denyhosts
(http://denyhosts.sourceforge.net/)

These are script kiddies. Changing ssh to a non standard port instead of the default 22 will also eliminate the attacks. This is useful if your users move around and have different ip's.


Or install Denyhosts and allow it to sync with the server. This will limit how many times they get a chance to login and then refuse the connection. But most have already been reported by other Denyhosts users and blocked automatically.

--
Jason Turning
jturning@xxxxxxxxxxxxx
-----
http://www.bugz.homeunix.net:8000/

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux