1 |
On Tuesday 07 November 2006 21:44, fire-eyes wrote: |
2 |
> Pavel Sanda wrote: |
3 |
> >> In addition to fail2ban, look at deny2hosts and sshdfilter. |
4 |
> > |
5 |
> > accidentally i was solving the same problem today. |
6 |
> > i tried to use hosts.allow/deny but it seems sshd doesnt |
7 |
> > reflect to them (i have tcpd use flag on). |
8 |
> > is openssh on gentoo supposed to work with these files ? |
9 |
|
10 |
> only if you have tcpd USE flag on. I would not rely on it, as it's old |
11 |
> and silly. |
12 |
|
13 |
Only consider it as an additional layer of security, but not a particularly |
14 |
robust one as IPs and MACs can be easily spoofed. Secure key authentication |
15 |
is the 'best' simple solution. |
16 |
-- |
17 |
Regards, |
18 |
Mick |