[Leaplist] fail2ban
Phil Barnett
philb at philb.us
Tue Mar 9 00:39:01 EST 2010
On Mon, 2010-03-08 at 20:45 -0500, Jason Boxman wrote:
> On 3/8/2010 6:53 PM, Phil Barnett wrote:
> > I was looking for a solution to automatically firewall password guessing
> > attacks to ssh on my server and came across this interesting solution.
>
> The risk is a crafty attacker successfully bans you, should you be
> accessing the host primarily remotely.
>
> Instead, I use OpenSSH AllowUsers and only allow access via keys.
>
>
I disallow root logins without a key already. But this is a public
server with many hosted sites that use ssh to move files instead of ftp,
which I still support, but I tell most of my users that they are more
secure to use ssh to move their files.

These hacking 'script kiddie' attempts have been going on for a long
time with no success, but now they don't flood my log file. A few hits
and it stops.

And, yes, there could be a crafty denial of service.
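The ban-after-a-few-failures behaviour and the lockout concern raised in this thread, as an added example that is not part of either post and is not fail2ban's own code. The names mirror fail2ban's `maxretry`, `findtime` and `ignoreip` jail options; the threshold values, the year, the addresses and the log lines are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values, named after fail2ban's jail options.
MAXRETRY = 3
FINDTIME = timedelta(minutes=10)
IGNOREIP = [ipaddress.ip_network("198.51.100.0/24")]  # constructed admin range

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+"
)

# Constructed sample sshd log lines (documentation address ranges only).
SAMPLE_LOG = """\
Mar  9 00:10:01 web sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  9 00:10:03 web sshd[4102]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  9 00:10:04 web sshd[4103]: Failed password for alice from 198.51.100.20 port 40110 ssh2
Mar  9 00:10:05 web sshd[4104]: Failed password for alice from 198.51.100.20 port 40112 ssh2
Mar  9 00:10:06 web sshd[4105]: Failed password for alice from 198.51.100.20 port 40114 ssh2
Mar  9 00:10:09 web sshd[4106]: Failed password for invalid user test from 203.0.113.7 port 50130 ssh2
Mar  9 00:10:10 web sshd[4107]: Accepted publickey for bob from 192.0.2.44 port 51000 ssh2
Mar  9 00:40:00 web sshd[4108]: Failed password for bob from 192.0.2.44 port 51002 ssh2
Mar  9 00:55:00 web sshd[4109]: Failed password for bob from 192.0.2.44 port 51004 ssh2
Mar  9 01:10:00 web sshd[4110]: Failed password for bob from 192.0.2.44 port 51006 ssh2
"""

def find_bans(log_text, ignore=IGNOREIP, year=2010):
    """Return addresses reaching MAXRETRY failures within FINDTIME, in ban order."""
    recent = defaultdict(deque)   # per-address timestamps inside the window
    banned = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        ip = ipaddress.ip_address(m["ip"])
        # Allowlisted ranges are never banned, which is the lockout safeguard.
        if any(ip in net for net in ignore) or str(ip) in banned:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > FINDTIME:   # drop failures older than the window
            window.popleft()
        if len(window) >= MAXRETRY:
            banned.append(str(ip))
    return banned
```

With the allowlist in place only the guessing source is banned; calling `find_bans(SAMPLE_LOG, ignore=[])` shows the administrator's mistyped logins triggering a ban as well.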