jsissopainful
asked on
How do you automatically block ip addresses of machines that tries to shh into your server?
Dear Experts,
How do you automatically block ip addresses of machines that tries to shh into your server (debian)?
Thank you :)
How do you automatically block ip addresses of machines that tries to shh into your server (debian)?
Thank you :)
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
http://kbase.redhat.com/faq/FAQ_44_4145.shtm
DenyHosts is a nice option. You may also wanna have something for brute force detection. BFD is a nice option for it:
http://rfxnetworks.com/bfd.php
http://rfxnetworks.com/bfd.php
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
PeturIngiEgilsson!
Fail2ban seems very promising tool. Thanks for sharing it.
Fail2ban seems very promising tool. Thanks for sharing it.
I use denyhosts (suggested by amit_g) on a production server, it cut down the logs of connection attemptsfrom about 10 pages to just one.
Easy to configure and it just runs away, no intervention needed (unless someone accidentally locks themselves out).
I'd definately use it again.
Easy to configure and it just runs away, no intervention needed (unless someone accidentally locks themselves out).
I'd definately use it again.