On Wed, Jan 27, 2010 at 1:11 PM, Jason A. Nunnelley <[email protected]> wrote: > On Wed, Jan 27, 2010 at 1:03 PM, Domenic Santangelo <[email protected]> > wrote: >> I'm hearing some complicated attack vectors being tossed around in here >> (password sniffing, mitm, etc) -- don't forget about a pretty simple one: >> dictionary attacks. I recently took over a project for a small-medium sized >> client and upon looking at the secure log noticed 50k+/day dictionary >> attacks against SSH. I installed fail2ban and now get 5-6 emails daily about >> brute-force hack attempts. > > Just wonder why you don't simply block attempts beyond 5 or 10.
If you are going to go through the effort of fail2ban and similar software why not use Public Key Authentication and call it good? Samir Nassar http://samirnassar.com
