[ALUG] sshd messages in log, should I be worried?
MJ Ray
mjr at phonecoop.coop
Mon Aug 6 17:43:59 BST 2007
"Tim Green" <timothy.j.green at gmail.com> wrote:
> I installed it after getting sick of hearing the harddisk recording
> every login attempt. After 'n' guesses the IP address is blocked (with
> iptables) for a few days. There is a white list too, just incase you
> want regular remote access from an IP address someone else could cause
> to block.
If you don't want to install more software, you can do something
similar but cruder with iptables's rate-limiters. That will limit all
connection, not just failed logins, so you may need to be more liberal
with the whitelists if you have anyone doing lots of rsync, scp or cvs
over ssh connections in a short time period.
Hope that helps,
--
MJ Ray - see/vidu http://mjr.towers.org.uk/email.html
Experienced webmaster-developers for hire http://www.ttllp.co.uk/
Also: statistician, sysadmin, online shop builder, workers co-op.
Writing on koha, debian, sat TV, Kewstoke http://mjr.towers.org.uk/
More information about the main
mailing list