I do it on my core router and block their ip access to any service on my entire network and not just ssh on the linux box itself but any other possible attack vector they might throw on any system with public ip. Don't think that they will only attack and test ssh ports.
/Eje Sent via BlackBerry from T-Mobile -----Original Message----- From: Rogelio <[email protected]> Date: Fri, 01 May 2009 18:31:41 To: WISPA General List<[email protected]> Subject: Re: [WISPA] Crude dictionary attack via ssh Josh Luthman wrote: > Install DenyHosts and those go away. ditto http://denyhosts.sourceforge.net/ http://denyhosts.sourceforge.net/faq.html http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts "DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks). If you've ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc...) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system?" -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
