iptables +block country
Markus Schönhaber
ubuntu-users at list-post.mks-mail.de
Mon Aug 16 09:34:45 UTC 2010
16.08.2010 10:57, Harry Strongburg:
> But yeah, fail2ban and using a high port for anything with
> authentication has lowered attacking bots to less than one per year. The
> one or two it catches per year appeared to have been manually started,
> not a normal port-22 scan. The one to two that comes in, fail2ban grabs
> and bans them for however long I want! >:) As long as your password is
> "good".
Yep, that's similar to what I do:
- wherever possible, I don't allow password-based authentication for ssh
at all. This is for security.
- I move the ssh port way up. This is to mute the noise.
--
Regards
mks
More information about the ubuntu-users
mailing list