Solved

How do you automatically block ip addresses of machines that tries to shh into your server?

Posted on 2008-06-15
6
248 Views
Last Modified: 2013-12-16
Dear Experts,

How do you automatically block ip addresses of machines that tries to shh into your server (debian)?

Thank you :)
0
Comment
Question by:jsissopainful
6 Comments
 
LVL 58

Assisted Solution

by:amit_g
amit_g earned 50 total points
Comment Utility
0
 
LVL 12

Expert Comment

by:ibu1
Comment Utility
0
 
LVL 32

Expert Comment

by:Kamran Arshad
Comment Utility
DenyHosts is a nice option. You may also wanna have something for brute force detection. BFD is a nice option for it:

http://rfxnetworks.com/bfd.php
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 10

Accepted Solution

by:
PeturIngiEgilsson earned 75 total points
Comment Utility
fail2ban scans thro your log files and detects strange login behaviour : http://www.fail2ban.org/wiki/index.php/Main_Page
I use it to add DENY rules to iptables ( for 7 days )for IP's who try to log 3x into my server with failed attempts.
After 7 days fail2ban remove that firewall rule so the ip can try again. ( ofcourse it's up to you for how many days you choose to ban it )

It can also send you daily reports via email.
0
 
LVL 32

Expert Comment

by:Kamran Arshad
Comment Utility
PeturIngiEgilsson!

Fail2ban seems very promising tool. Thanks for sharing it.
0
 
LVL 19

Expert Comment

by:jools
Comment Utility
I use denyhosts (suggested by amit_g) on a production server, it cut down the logs of connection attemptsfrom about 10 pages to just one.

Easy to configure and it just runs away, no intervention needed (unless someone accidentally locks themselves out).

I'd definately use it again.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now