On Mon, 2007-08-06 at 17:08 +0100, Tim Green wrote:
For another layer of security I use sshblack: http://www.pettingers.org/code/sshblack.html
I installed it after getting sick of hearing the hard disk recording every login attempt. After 'n' guesses the IP address is blocked (with iptables) for a few days. There is a white list too, just in case you want regular remote access from an IP address someone else could cause to block.
I have had a nasty script running for many years that does something similar. Mine is far cruder than this though (distinct absence of a whitelist for one).
Even though root logins are banned by sshd and I have hard to guess passwords there is a little bit of satisfaction seeing an iptables rule set grow knowing that those hosts only had a handful of attempts to guess a correct password. And it keeps the logs cleaner.
Regards, Tim.
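The scheme discussed in this thread (count failed sshd logins per address, skip whitelisted networks, block with iptables, lift the block after a few days), as an added example that is neither sshblack's code nor either poster's script. The function names, the threshold, the whitelist network and the log lines are assumptions made for illustration; the iptables argument lists are built but never executed.

```python
import ipaddress
import re
from collections import Counter
from datetime import timedelta

# Constructed sample sshd log lines (documentation-range addresses, not real hosts).
SAMPLE_LOG = """\
Aug  6 17:01:02 host sshd[411]: Failed password for root from 203.0.113.7 port 4011 ssh2
Aug  6 17:01:04 host sshd[412]: Failed password for invalid user admin from 203.0.113.7 port 4012 ssh2
Aug  6 17:01:07 host sshd[413]: Failed password for invalid user test from 203.0.113.7 port 4013 ssh2
Aug  6 17:02:00 host sshd[420]: Failed password for tim from 198.51.100.20 port 5100 ssh2
Aug  6 17:02:03 host sshd[421]: Failed password for tim from 198.51.100.20 port 5101 ssh2
Aug  6 17:02:05 host sshd[422]: Failed password for tim from 198.51.100.20 port 5102 ssh2
Aug  6 17:03:00 host sshd[430]: Accepted password for tim from 198.51.100.20 port 5103 ssh2
Aug  6 17:04:00 host sshd[440]: Failed password for root from 192.0.2.9 port 6000 ssh2
"""

# Greedy ".*" plus the "$" anchor take the address from the END of the line,
# so text placed in the username field cannot supply the address to block.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

def offenders(log_text, threshold, whitelist):
    """Sorted IPs with at least `threshold` failures that are not whitelisted."""
    nets = [ipaddress.ip_network(n) for n in whitelist]
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # not a literal IP: never hand it to iptables
        if any(addr in net for net in nets):
            continue  # whitelisted: failures are ignored, never blocked
        counts[addr] += 1
    return sorted(str(a) for a, c in counts.items() if c >= threshold)

def rule(ip, action="-A"):
    """argv that adds (-A) or deletes (-D) the DROP rule; not executed here."""
    return ["iptables", action, "INPUT", "-s", ip, "-j", "DROP"]

def expired(blocked, now, days):
    """IPs whose block (mapping ip -> datetime it was added) is `days` old or more."""
    return sorted(ip for ip, since in blocked.items() if now - since >= timedelta(days=days))
```

With a threshold of 3 and `198.51.100.0/24` whitelisted, only `203.0.113.7` is selected from the sample; the whitelisted address had just as many failures before its successful login.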