> ...after a bit more investigation, here's my /etc/hosts.deny, based on the
> 25,000 attempts in the last month!

Wrong approach. You do it the other way round. You work out which IP
numbers need to connect to your ssh server (usually very few), the rest
goes to /dev/null. To be really anal, restrict which users are allowed
to use sshd, the rest gets a password failure until the sky comes down.
Both can be configured within /etc/ssh/sshd_config, though using
tcpwrappers as a first shield might be better. Even better, use your
firewall.

Volker

-- 
Volker Kuhlmann                 is possibly list0570 with the domain in header
http://volker.dnsalias.net/             Please do not CC list postings to me.

Reply via email to