Gentoo Archives: gentoo-user

From:	Nikos Chantziaras <realnc@×××××.de>
To:	gentoo-user@l.g.o
Subject:	[gentoo-user] Re: Curious pattern in log files from ssh...
Date:	Wed, 03 Dec 2008 20:16:42
Message-Id:	`gh6pef$kvp$1@ger.gmane.org`
In Reply to:	[gentoo-user] Curious pattern in log files from ssh... by Steve

1	Steve wrote:
2	> [...]
3	> Sure, I could use IPtables to block all these bad ports... or... I could
4	> disable password authentication entirely... but I keep thinking that
5	> there has to be something better I can do... any suggestions?
6
7	I'm using DenyHosts to battle this. It adds the IPs to /etc/hosts.deny
8	after a configurable amount of failed logins. It even downloads an
9	online list of IPs where attacks originate from and uploads attacks to
10	your box to this list too (if you allow it in the configuration).
11
12	After I installed this, no more brute-forcing :) I used to have
13	thousands per day.
14
15	http://www.denyhosts.net
16
17	It's in portage.

Subject	Author
Re: [gentoo-user] Re: Curious pattern in log files from ssh...	Paul Hartman <paul.hartman+gentoo@×××××.com>