Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How do you automatically block ip addresses of machines that tries to shh into your server?

Posted on 2008-06-15
6
Medium Priority
?
257 Views
Last Modified: 2013-12-16
Dear Experts,

How do you automatically block ip addresses of machines that tries to shh into your server (debian)?

Thank you :)
0
Comment
Question by:jsissopainful
6 Comments
 
LVL 58

Assisted Solution

by:amit_g
amit_g earned 200 total points
ID: 21790296
0
 
LVL 12

Expert Comment

by:ibu1
ID: 21790979
0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21791401
DenyHosts is a nice option. You may also wanna have something for brute force detection. BFD is a nice option for it:

http://rfxnetworks.com/bfd.php
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 10

Accepted Solution

by:
Pétur Ingi Egilsson earned 300 total points
ID: 21794675
fail2ban scans thro your log files and detects strange login behaviour : http://www.fail2ban.org/wiki/index.php/Main_Page
I use it to add DENY rules to iptables ( for 7 days )for IP's who try to log 3x into my server with failed attempts.
After 7 days fail2ban remove that firewall rule so the ip can try again. ( ofcourse it's up to you for how many days you choose to ban it )

It can also send you daily reports via email.
0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21795161
PeturIngiEgilsson!

Fail2ban seems very promising tool. Thanks for sharing it.
0
 
LVL 19

Expert Comment

by:jools
ID: 21803166
I use denyhosts (suggested by amit_g) on a production server, it cut down the logs of connection attemptsfrom about 10 pages to just one.

Easy to configure and it just runs away, no intervention needed (unless someone accidentally locks themselves out).

I'd definately use it again.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses
Course of the Month6 days, 2 hours left to enroll

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question