Re: SSH Cracking Attempts

From: Glyn Teb*** (plastic_d3c3it_at_yahoo.co.uk)
Date: 09/30/04

  • Next message: CW Harris: "Re: opera and java" 
    To: debian-user <debian-user@lists.debian.org>
Date: Wed, 29 Sep 2004 23:43:46 +0100

    On Wed, 2004-09-29 at 21:10, Nicolas wrote:
    > > So, my question is this. Is there a way to tell ssh to refuse
    > > connections from an ip address after a certain number of failed login
    > > attempts, or is snort the only way to do something like this? So far
    > > I've been taking the manual approach, blocking the ip address with
    > > my firewall after I see it hitting the logs, but that can give them
    > > about an hour to play before I notice it (e-mailed to me by logcheck).
    > >
    > > Any suggestions?
    >
    > If you dont have to much user who log in your server, you can allow only them
    > from specific IP to log in. Or you can disable the password facility and
    > only use keys (we do it this way at the job, It's also what I do at home).
    >
    > Nic Cola
    >
    > P.S.
    > Just for the fun of it, you can also tarpit the IP of the script kiddy ;o)
    Sorry to change the subject and sound dumb, but how would 1 go about
    setting up a tarbit? any urls ??
    >
    > --
    > () ascii ribbon campaign - against html e-mail
    > /\ - against microsoft attachments 

    -- 
*---------------------------------------------------------*
| Glyn Teb*** |                d3c3it-linux@ntlworld.com |
|--------------'      http://homepage.ntlworld.com/d3c3it |
| gpg-key: http://homepage.ntlworld.com/d3c3it/d3c3it.gpg |
|        Lisa, if you dont like your job you dont strike, |
|         just go in everyday and do it really half-assed | 
|                  Thats the American way. -Homer Simpson |
*---------------------------------------------------------*



    -- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: CW Harris: "Re: opera and java"