[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?

Subject: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
From: mike at trausch.us (Michael Trausch)
Date: Thu, 23 Dec 2010 16:51:56 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

On Dec 23, 2010 3:30 PM, "Michael H. Warfield" <mhw at wittsend.com> wrote:
> Port knocking, moving the port, and all that other noise is just
> avoiding really dealing with the security of your setup.  If you are

Indeed. I have tried at points long ago in the past to move the port to hide
it. It never works. Someone always comes along and does a portscan, sees
that OpenSSH is running on a non-standard port, and goes off with it.

I do block IPs that fail repeatedly, but only to reduce output to the log
files and reduce bandwidth usage in the upstream direction, as my clients
network resources are quite thin.

--
Sent from my G2 running CyanogenMod!
That is, a phone. :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20101223/7cb43300/attachment.html

References:
- [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
  - From: vanloggins at gmail.com (Van Loggins)
- [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
  - From: mhw at WittsEnd.com (Michael H. Warfield)

Prev by Date: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Next by Date: [ale] interesting salary data posted by Red Hat
Previous by thread: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Next by thread: [ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Index(es):
- Date
- Thread