In our 'periodic daily' report/email, (only the list goes on for hundreds of attempts). Anyhow, long story short; is there not an easy way to make sshd block or deny hosts temporarily if X number of invalid login attempts are made within a minute's time?

to reduce the brute force attacks + voluminous logging, tell sshd to listen on port other than 22.

google for "tcp wrappers sshd" for examples of how to use tcp wrappers in reactive blocking


_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to