| sshd configuration advice, please? |
by bobmon |
2007-01-25 07:03:24 |
Can I (and assuming "yes", *how* can I) configure sshd to temporarily blacklist an ip address after it's failed some number of login attempts?
See, I finally read some of my webserver log messages :( and some of the login attempts are just too annoying. Like 1500 attempts from some scriptkiddy in Italy or Japan, trying every account name they could think of. Including single-character punctuation marks... it would never have crossed my mind to create a user account named "?", and I'll be sure not to do it now...
Anyway, I'd like to just ignore the ip address completely for awhile (say, 24 hours) after it's failed maybe 10 login attempts. Alternatively, I'd like to ignore it permanently.
Any suggestions? TIA
|
|
[ Reply ] |
|
One thing you can do is to put a delay | by imrambi | 2007-01-25 07:09:54 |
|
I'll look into that. | by bobmon | 2007-01-25 07:18:38 |
|
IIRC, you can only do that permanently | by Stuka | 2007-01-25 07:11:18 |
|
a scripting tool would be fine. I'll try google. | by bobmon | 2007-01-25 07:16:38 |
|
who uses the server? | by Freakazoid | 2007-01-25 07:18:05 |
|
Something for your reading pleasure | by imrambi | 2007-01-25 07:19:23 |
|
my bits | by c3po | 2007-01-25 07:52:54 |
|
One warning here - make sure you don't lose your | by sazzer | 2007-01-25 08:22:04 |
|
one word: terminalserver :o) | by c3po | 2007-01-25 11:12:59 |
|
and do not forget - you | by c3po | 2007-01-25 11:24:17 |
|
meh, harmless. | by CALL-198 | 2007-01-25 08:20:47 |
|
*waits for the inevitable* (n/t) | by Sharku | 2007-01-25 08:23:28 |
|
Bandwidth costs most people money | by ormandj | 2007-01-25 10:47:32 |
|
I realize all of the above: | by CALL-198 | 2007-01-25 14:55:22 |
|
You didn't specify OS | by ormandj | 2007-01-25 10:14:51 |
