block host with brute-force attach
Bill Campbell
linux-sxs at celestial.com
Mon Mar 30 16:37:58 PDT 2009
On Mon, Mar 30, 2009, Ken Moffat wrote:
>On Mon, Mar 30, 2009 at 2:49 PM, Bill Campbell <linux-sxs at celestial.com>wrote:
>
>> On Mon, Mar 30, 2009, vu pham wrote:
>> > I remember someone mentioned/asked/answered this already but I just
>> > could not remember it.
>> >
>> > My system gets a lot of password-guess attackes. What is the tool that
>> > disables those remote attack hosts ?
>> >
>>
>> fail2ban comes to mind.
>>
>denyhosts blocks ip addresses after 3 (configurable) failed ssh logins.
>
>It can block either just ssh or all services for the denied ip address,
>adding the offending ip address to /etc/hosts.deny.
While this prevents access, it does not necessarily avoid filling
your log files with garbage as sshd probably logs failed attempts.
Bill
--
INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186
In general, the art of government consists of taking as much money as
possible from one party of the citizens to give to the other.
-- Voltaire (1764)
More information about the Linux-users
mailing list