SSH IP blocking?
sdavmor
sdavmor at systemstheory.net
Wed Apr 9 19:02:21 UTC 2008
Kent Borg wrote:
> Keith Clark wrote:
>> Is there a way to block ip addresses from attempting ssh
>> connections? I noticed in my auth.log a few people trying to
>> gain access over and over again and would like to stop them.
>
> Be careful of automatically banning IP addresses, you might lock
> yourself out. Be careful of permanently banning addresses, you
> might lockout something your don't want to lock out.
>
> I like the solutions that temporarily throttle bad
> attempts--combined with high quality passwords that will require
> billions of tries to have a good chance of getting in.
>
> Note, sshd already limits how fast passwords can be tried, making
> high quality passwords very secure. Maybe you don't need any
> add-on.
>
>
> -kb
We just selected a different high number port to move all SSH
requests to, and closed off port 22. Now our company stores don't
even acknowledge the connection attempt and present a "login"
unless the request comes in on the high number port we chose.
--
Cheers,
SDM -- a 21st century schizoid man
Systems Theory internet music project links:
official site <www.systemstheory.net>
MySpace MP3s <www.myspace.com/systemstheory>
CDBaby <www.cdbaby.com/systemstheory>
"Soundtracks For Imaginary Movies" CD released Dec 2004
"Codetalkers" CD now available for free download at:
<www.mikedickson.org.uk/codetalkers>
NP: nothing
More information about the ubuntu-users
mailing list