[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?

Subject: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
From: cfowler at outpostsentinel.com (Chris Fowler)
Date: Thu, 23 Dec 2010 10:30:06 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

On Thu, 2010-12-23 at 10:20 -0500, Matty wrote:
> fail2ban works pretty well:
> 
> http://www.fail2ban.org/wiki/index.php/Main_Page
> 
> 

ditto

I use fail2ban with Asterisk to block brute force sip registration
attempts.  Earlier this year we had a successful attack that cost up $70
in SIP fees!!  I then install fail2ban and then used randomly generated
long passwords on the phones.  Problem solved.

The password change and cleanup of the sip.conf file really helped but
it is nice to know that if someone tries too hard they will be blocked.
While I was configuring the phones with the new passwords some of our
phones were blocked by fail2ban.  It works.

References:
- [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
  - From: vanloggins at gmail.com (Van Loggins)
- [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
  - From: matty91 at gmail.com (Matty)

Prev by Date: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Next by Date: [ale] interesting salary data posted by Red Hat
Previous by thread: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Next by thread: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Index(es):
- Date
- Thread