On Wednesday 19 September 2007, Niko wrote: > > Out of topic, but for your information if you don't already know about > it, there's a nice tool to get rid of from ssh attacks (cpu effects, > inconvenience, ...), it's fail2ban (http://www.fail2ban.org). > > Quick and easy to setup. >
I've used sshblack for many months, before I joined the pool. It too I find easy to setup and very stable. I've seen a noticeable increase in hack attempts since joining the pool, guess that is only to be expected. However, someone caught in my web goes into the penalty box for 15 days firewall dropping ALL packets (not just ssh connect requests) from that IP. No more ntp for them... 24 addresses and counting (2-4 per day on average). One extra special ip address, who has tried to hack in 5 consecutive times, gets special stop on the permanent honor roll. And on some occasions, especially US IP addresses, I send their ISP an abuse email. Brian _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
