MLUG: Mizzou Linux Users GroupHome | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact
MLUG: RE: [MLUG] Debian SSH root access keys
RE: [MLUG] Debian SSH root access keys
Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
It is a perl script that runs as a service.  It monitors your security
log or whatever log sshd reports to for invalid login attempts.  If it
detects X number of invalid login attempts from the same IP then it puts
that IP in a blacklist in iptables.  It also keeps a log of how long
that IP has been blocked and removes it after so many days.  This way
your blacklist does not get too long. 

--
Daniel Nowlin
DataCenter Tech III
TelCom DataCenter


-----Original Message-----
From: EMAIL:PROTECTED
[mailto:EMAIL:PROTECTED] On Behalf Of Mike Miller
Sent: Thursday, May 15, 2008 20:23
To: MLUG Members
Subject: RE: [MLUG] Debian SSH root access keys

On Thu, 15 May 2008, Nowlin, Dan wrote:

> Glad I have sshblacklist installed and working.  I was just starting
to 
> see a drop in ssh hacks too.


I don't know what that is but I have been using tcpwrappers to block ssh

from most of the world for a long time.

Mike

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Questions? Comments? Feel free to contact MLUG.
DMCA and other copyright information.