jsissopainful
asked on
How do you automatically block ip addresses of machines that tries to shh into your server?
Dear Experts,
How do you automatically block ip addresses of machines that tries to shh into your server (debian)?
Thank you :)
How do you automatically block ip addresses of machines that tries to shh into your server (debian)?
Thank you :)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://kbase.redhat.com/faq/FAQ_44_4145.shtm
DenyHosts is a nice option. You may also wanna have something for brute force detection. BFD is a nice option for it:
http://rfxnetworks.com/bfd.php
http://rfxnetworks.com/bfd.php
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
PeturIngiEgilsson!
Fail2ban seems very promising tool. Thanks for sharing it.
Fail2ban seems very promising tool. Thanks for sharing it.
I use denyhosts (suggested by amit_g) on a production server, it cut down the logs of connection attemptsfrom about 10 pages to just one.
Easy to configure and it just runs away, no intervention needed (unless someone accidentally locks themselves out).
I'd definately use it again.
Easy to configure and it just runs away, no intervention needed (unless someone accidentally locks themselves out).
I'd definately use it again.