Hallo, Arnold Krille hat gesagt: // Arnold Krille wrote: > I have a script that filters the log-files for "invalid user", extracts the > IP > and adds it to the RECENT table (which is used for blocking for five > minutes). > But some of these attackers have botnets which means a lot of IP's to be > blocked before they finished their username-list...
Basically that's what denyhost does, and it also has additional features like a realtime bla/ocklist, which also blocks distributed attacks that are not affected by blocking single IPs because one attacker there is able to use a new IP for each attempt. OTOH botnets usually are interested in servers with more valuable data than most of us have. > From my experience using key-logins only helps when you have only linux > users. > Most windows people don't really understand the concepts of security, public > keys and such. True, but for home-machines of Linux Audio freaks, usually nobody from a Windows machine needs to log in anyway. ;) And if it's a public server, I'd rather not have anybody logging in through ssh who is not capable of dealing with key logins. I disabled password logins through ssh on my public machines. Ciao -- Frank _______________________________________________ Linux-audio-dev mailing list [email protected] http://lists.linuxaudio.org/mailman/listinfo/linux-audio-dev
