[WBEL-users] kill ssh dictionary attacks
Graham Waring
liverbird89 at hotmail.com
Thu Mar 23 06:29:02 CST 2006
G'day everyone,
Not just for whitebox but an email to pass on a link to a pretty cool python
app for many linux's. Around this time last year this list was discussing
this very issue and I hope this comes in handy for at least one of you. It
has always annoyed the cr at p out of me each morning as I go through the logs
on my linux servers to see attempted ssh connections using every username
under the sun as some person tries to guess my passwords (dream on) and
"own" my servers. I have used port knocking which is really good and works
well, but I ssh to "lots" of remote linux boxes...and I just want to ssh in,
sometimes as quick as possible without executing a port knock sequence. I
use it on whitebox, centos, suse, debian and aurora with no problems. It
just works and when I see "connection refused" in the logs, I declare out
loud how good it is (even if nobody is listening). Anyway, check out:
http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts
I hope this is of some use to those who are suffering from the over night
ssh attempts.
Sorry if this list is supposed to be whitebox only related chat, I am just
passing on something that may help.
Cheers
Graham
More information about the Whitebox-users
mailing list