On Wed, Mar 14, 2007 at 10:40:44AM -0600, Adam Findley wrote: > So I am getting hit by ssh bots like crazy. It seems that they have > discovered my ssh server. Anywho, while they are not getting in, they > are killing my bandwidth. There is this article I found that after 15 > failed attempts it adds your ip to a block list. While this sounds like > a great solution, it is based on BSD. Does anyone know of a linux solution?
Consider moving your SSH to a different port, and maybe move it around from time to time (and let your users know). Then you can just deny 22 But the iptables suggestions other have made might be good for the new port as well. -- Charles Curley /"\ ASCII Ribbon Campaign Looking for fine software \ / Respect for open standards and/or writing? X No HTML/RTF in email http://www.charlescurley.com / \ No M$ Word docs in email Key fingerprint = CE5C 6645 A45A 64E4 94C0 809C FFF6 4C48 4ECD DFDB
pgpFLBG7qjjYq.pgp
Description: PGP signature
/* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
