Also on the forums there's a script called "fail2ban". It's a python script and it monitors my logs for failed logins. I can set the time they're banned for and how many login attempts to tolerate.
http://fail2ban.sourceforge.net/ http://forums.gentoo.org/viewtopic-t-255103-highlight-fail2ban.html Sean Wells Network Administrator Data Mosaics, Inc. 2406 S. Dishman Mica Rd. Suite 6 Spokane Valley, WA 99206 866.904.DMSF (phone) 509.928.4236 (fax) -----Original Message----- From: Old, Gregory [mailto:[EMAIL PROTECTED] Sent: Friday, May 06, 2005 10:23 AM To: '[email protected]' Subject: RE: [gentoo-server] sshd (many connection attempts with invalid user) Claudinei, I have seen the same issue with SSH attempts, what I did was I changed my default port to a non-standard port. This eliminated the problem for me. You can change the port setting in the sshd_config file and then restart the daemons. Thanks, Greg Old -----Original Message----- From: Kirk Hoganson [mailto:[EMAIL PROTECTED] Sent: Friday, May 06, 2005 12:56 PM To: [email protected] Subject: Re: [gentoo-server] sshd (many connection attempts with invalid user) It could be done using iptables, but I am not aware of such functionality within the sshd itself. Kirk Claudinei Matos said the following: > Hi, > > I have a lot of connection attempts in my ssh server. I've take a look > at sshd_config man pages but I didn't found a way to deny the source > ip of the attempts by 5 minutes (i.e.) if this ip can't login after 5 > attempts (i.e.). Is there a way to do this? > > Tks, > > Claudinei Matos > -- [email protected] mailing list -- [email protected] mailing list -- [email protected] mailing list
