[ale] any suggestions on an automated method for blocking repeated failed ssh login attempts?
Michael Trausch
mike at trausch.us
Thu Dec 23 16:51:56 EST 2010
On Dec 23, 2010 3:30 PM, "Michael H. Warfield" <mhw at wittsend.com> wrote:
> Port knocking, moving the port, and all that other noise is just
> avoiding really dealing with the security of your setup. If you are
Indeed. I have tried at points long ago in the past to move the port to hide
it. It never works. Someone always comes along and does a portscan, sees
that OpenSSH is running on a non-standard port, and goes off with it.
I do block IPs that fail repeatedly, but only to reduce output to the log
files and reduce bandwidth usage in the upstream direction, as my clients
network resources are quite thin.
--
Sent from my G2 running CyanogenMod!
That is, a phone. :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20101223/7cb43300/attachment.html
More information about the Ale
mailing list