Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
It should be in your /var/log directory. It may not be called auth.log
but you should have something like it. SSHBlackList is not distro
specific so it should work with SUSE. You will just have to do a little
setup in the program for your distro.
Dan
Phillip Kelchen wrote:
On Tuesday 21 March 2006 22:27, Josh wrote:
For those lucky enough to run Debian, I highly recommend installing
fail2ban.
If you have a publically available SSH server, check your auth.log... I
find most such machines have (literally) a thousand or so failed login
attempts a day from bots searching for weak machines. fail2ban is a
great debian package that uses an iptables blacklist to block any IP
with 4 or more failed attempts in some short time period from logging in
for the next 600 seconds.
apt-get install fail2ban
How would I do this on a SuSE box? Locate and whereis turn up no sign of
auth.log. What else might it be called or what dir is it sitting in on your
box?
Phillip
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
--
Daniel Nowlin
IATS - DataCenter
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact