[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
plug-admin@lists.phillylinux.org <> wrote:
How are you deterining "unauthorized" SSH attempts? Do you mean you limit SSH access to certain source IPs? Kinda limits you somewhat from checking your home LAN from whereever you happen to be, doesn't it?
What I consider unauthorized attempts are ones that have previously tried different login names and tried to guess passwords on my system. If you notice that someone somewhere in the world is attempting to login to your system searching for passwords and various login names and their IP address is constant then it would behove you to block ssh from that IP address. This has happened more than once on my system.
How do you implement this? Do you have a blacklist file or do you create a rule for each attempt through iptables?
gpg fingerprint: 62DE 6CAB CEE1 B1B3 359A 81D8 3FEF E6DA 8501 AFEA
Jesus saith unto him, I am the way, the truth, and the life: no man cometh unto the Father, but by me. (John 14:6) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQE+RR8vP+/m2oUBr+oRApdfAJ9lkbdTPa3louvgvlhE8Ltz6cwZHgCgj2gE fsFj0Kl0o3dd0pY+i70m+G8= =KXNf -----END PGP SIGNATURE-----
_________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug