How do I stop bruteforce SSH login attempt?

Daniel Carrera daniel.carrera at
Wed Apr 12 11:52:40 UTC 2006

Soo-Hyun Choi wrote:
> A few days ago, I have noticed that my system is under constant
> attack(?) with a bruteforce SSH login - e.g., from a single IP
> address, it tries like 100 ~ 200 ssh login trial with all different
> user names, and go away.
> I know how to block it in a FreeBSD system with "denyhost" or
> "bruteforceblocker" from the ports, but I have little knowledge in my
> Ubuntu 5.10 box.

You could setup an iptables rule for this:

# iptables -A INPUT -j DROP --source <offending-ip>

I can't remember how to do that at boot time though.

    /\/_/   A life? Sounds great!
    \/_/    Do you know where I could download one?

More information about the ubuntu-users mailing list