SSH IP blocking?

[sdavmor]

Kent Borg wrote:
> Keith Clark wrote:
>> Is there a way to block ip addresses from attempting ssh 
>> connections?  I noticed in my auth.log a few people trying to 
>> gain access over and over again and would like to stop them.
> 
> Be careful of automatically banning IP addresses, you might lock 
> yourself out.  Be careful of permanently banning addresses, you 
> might lockout something your don't want to lock out.
> 
> I like the solutions that temporarily throttle bad 
> attempts--combined with high quality passwords that will require 
> billions of tries to have a good chance of getting in.
> 
> Note, sshd already limits how fast passwords can be tried, making 
> high quality passwords very secure.  Maybe you don't need any 
> add-on.
> 
> 
> -kb

We just selected a different high number port to move all SSH
requests to, and closed off port 22. Now our company stores don't
even acknowledge the connection attempt and present a "login"
unless the request comes in on the high number port we chose.
-- 
Cheers,
SDM -- a 21st century schizoid man
Systems Theory internet music project links:
official site <www.systemstheory.net>
MySpace MP3s <www.myspace.com/systemstheory>
CDBaby <www.cdbaby.com/systemstheory>
"Soundtracks For Imaginary Movies" CD released Dec 2004
"Codetalkers" CD now available for free download at:
<www.mikedickson.org.uk/codetalkers>
NP: nothing