1 |
Steve wrote: |
2 |
> [...] |
3 |
> Sure, I could use IPtables to block all these bad ports... or... I could |
4 |
> disable password authentication entirely... but I keep thinking that |
5 |
> there has to be something better I can do... any suggestions? |
6 |
|
7 |
I'm using DenyHosts to battle this. It adds the IPs to /etc/hosts.deny |
8 |
after a configurable amount of failed logins. It even downloads an |
9 |
online list of IPs where attacks originate from and uploads attacks to |
10 |
your box to this list too (if you allow it in the configuration). |
11 |
|
12 |
After I installed this, no more brute-forcing :) I used to have |
13 |
thousands per day. |
14 |
|
15 |
http://www.denyhosts.net |
16 |
|
17 |
It's in portage. |