Off the top of my head:
grep the message or secure logs for authentication failures every 5-20
minutes.
count the failures for a specific user attempt
if attempts > setpoint then usermod the shell to /dev/null or something
Paul Farber
Farber Technology
[EMAIL PROTECTED]
Ph 570-628-5303
Fax 570-628-5545
On Fri, 3 Nov 2000, Admin wrote:
> Hello,
>
> I have already posted these questions but no one is responding to my post.
> Could someone at least give me a clue what an alternative could be.
>
> a). I would like to prevent someone from using a cracker program on my SSH
> server and the only way to do that is to lock out an account if
> it's password has been entered incorreclty for 100 time. Can this be
> done, what setting do you use to lock out SSH ?
>
>
> b). Does SSH for Windows/NT come with a service that could be used as SSHD
> in Unix\Linux such that you could log into it ?
>
>
> Thanks all.
>
>
