On Sat, Jan 17, 2009 at 05:51:42PM +0100, Martin Leben wrote: > > An even better solution (in MY opinion) is to install fail2ban. It watches > the > log files and bans the IP addresses that makes repeated failed login > attempts. > All parameters can be configured, such as number of attempts, ban time etc. >
Simply do this: - restrict login to key-based authentication - make use of AllowUsers/AllowGroups in sshd_config It makes things like fail2ban (and other port knocking schemes) basically unnecessary. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
