Kevin van Zonneveld explains how to slow down brute force attacks on your ssh server so much it makes them useless. It's so simple there is no good reason not to do it.
__________________
CAN I HAS FIXD CAPSLOK KEE PLZ?
Block brute force attacks with iptables
Submitted by tbuitenh on Thu, 2007-08-02 10:14.
- tbuitenh's blog
Login or register to post comments
0 points
tags in Blogs
Who's online
There are currently 0 users and 10 guests online.
I've been recently also
I've been recently also playing with the recent-module.
It seems pretty cool to block any kind of "too much noise".
I have, probably a bot-net, trying to get in my FTP-server at work. The problem is that it doesn't disconnect after a failed login, so the recent-module doesn't work here since only one new connection is necessary.
The last attack was a surprise, starting at 8pm last night, until 10 this morning when I manually blocked the IP. The whole time from one IP, that's an exception, usually one IP attacks for about an hour or two, then the next starts.
Well, still got to find a good solution for this.
Login or register to post comments 0 points
another article, inspired
another article, inspired by the first, explains some more sophisticated options
CAN I HAS FIXD CAPSLOK KEE PLZ?
Login or register to post comments 0 points