iptables +block country

Markus Schönhaber ubuntu-users at list-post.mks-mail.de
Mon Aug 16 09:34:45 UTC 2010


16.08.2010 10:57, Harry Strongburg:

> But yeah, fail2ban and using a high port for anything with 
> authentication has lowered attacking bots to less than one per year. The 
> one or two it catches per year appeared to have been manually started, 
> not a normal port-22 scan. The one to two that comes in, fail2ban grabs 
> and bans them for however long I want! >:) As long as your password is 
> "good".

Yep, that's similar to what I do:
- wherever possible, I don't allow password-based authentication for ssh
at all. This is for security.
- I move the ssh port way up. This is to mute the noise.

-- 
Regards
  mks





More information about the ubuntu-users mailing list