Results 1 to 3 of 3
Hey,
I run a few Debian servers (one at home and 3 at work), and have port 22 open so I can SSH into them from ouside the network. However, ...
- 02-22-2006 #1Just Joined!
- Join Date
- Feb 2006
- Posts
- 2
SSH & Ban by IP
Hey,
I run a few Debian servers (one at home and 3 at work), and have port 22 open so I can SSH into them from ouside the network. However, when looking at the auth.log file, there is always tons and tons of entries showing people trying to log in with bogus usernames. Is there a way to set up a rule to where after 5 (or so) login attempts their IP is banned (added to hosts.deny or something) for an hour (or so), or something to that sort?
Thanks!
- 02-23-2006 #2Linux Enthusiast
- Join Date
- Aug 2005
- Location
- Hell
- Posts
- 514
try denyhosts ("apt-get install denyhosts" on testing/unstable)
- 02-23-2006 #3Linux Guru
- Join Date
- Oct 2005
- Location
- Montreal, Canada
- Posts
- 3,212
Plus, I really think you shouldn't use the default port (22).
Change it in /etc/ssh/sshd_config (and restart ssh), it's really safer that way."To express yourself in freedom, you must die to everything of yesterday. From the 'old', you derive security; from the 'new', you gain the flow."
-Bruce Lee
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
