Full Disclosure mailing list archives
Re: targetted SSH bruteforce attacks
From: wahjava.ml () gmail com (Ashish SHUKLA)
Date: Fri, 18 Jun 2010 23:08:22 +0530
Gary Baribault writes: [...]
Both of these systems are within one /21 and get attacked regularly. I run Denyhosts on them, and update the central server once an hour with attacking IPs, and obviously also download the public hosts.deny list.
How about combining denyhosts with netfilter through its plugin mechanism ? In addition to adding entry to hosts.deny file, you can also play with netfilter and 'recent' extension. Ashish -- Sent via Gnus from GNU Emacs They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety. -- Benjamin Franklin, Memoirs of the life and writings of Benjamin Franklin
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: targetted SSH bruteforce attacks, (continued)
- Re: targetted SSH bruteforce attacks Valdis . Kletnieks (Jun 18)
- Re: targetted SSH bruteforce attacks Marsh Ray (Jun 21)
- Message not available
- Re: targetted SSH bruteforce attacks Marc Olive (Jun 22)
- Re: targetted SSH bruteforce attacks bugs (Jun 26)
- Re: targetted SSH bruteforce attacks Sebastian Rother (Jun 17)
- Re: targetted SSH bruteforce attacks Thor (Hammer of God) (Jun 17)
- Re: targetted SSH bruteforce attacks BMF (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 18)
- Re: targetted SSH bruteforce attacks Ashish SHUKLA (Jun 18)