How do I stop bruteforce SSH login attempt?
Chris Peterman
kyral at ubuntu.com
Wed Apr 12 11:50:15 UTC 2006
On Wednesday 12 April 2006 07:30, Soo-Hyun Choi wrote:
> Hi,
>
> A few days ago, I have noticed that my system is under constant
> attack(?) with a bruteforce SSH login - e.g., from a single IP
> address, it tries like 100 ~ 200 ssh login trial with all different
> user names, and go away.
>
> I know how to block it in a FreeBSD system with "denyhost" or
> "bruteforceblocker" from the ports, but I have little knowledge in my
> Ubuntu 5.10 box.
>
> Would there be anyone who could tell me something about it?
>
> Thank you.
> Soo-Hyun
Just add "ALL: <offending IP Address>" to /etc/hosts.deny. Also HowtoForge has
a nice little DenyHosts script that takes care of these so-called Dictionary
Attacks
--
~ Chris "Kyral" Peterman
Computer Science Undergraduate
Clarkson University
Associate Member of the Free Software Foundation
Ubuntu Member
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060412/cabc6c36/attachment.sig>
More information about the ubuntu-users
mailing list