[BlueOnyx:11943] Re: Blocking brute force SSH login attempts
Fungal Style
wayin at hotmail.com
Wed Jan 9 09:14:41 -05 2013
As far as I know... yes and no....
BO will block accounts and IPs that are attempted to be brute forced, but the account needs to exist, well that has been my experience....
I tend to use the iptables and block /32 or if it is from China or other known hacking countries then a /24 is a minimum...
I have been thinking of routing everything through a firewall or sorts so that the hackers will usually hit it first then get the IP blocked (as all other servers would be on a virtual LAN)... or something like that.... but it needs more thought at this stage and I just dont have the time to look too far into it.
If anyone has a good solution (preferrably free) then I am open to suggestions too (much like most on this list I would assume).
HTH
Brian
From: james at slor.net
To: blueonyx at blueonyx.it
Date: Wed, 9 Jan 2013 09:07:31 -0500
Subject: [BlueOnyx:11940] Blocking brute force SSH login attempts
Is there a simple way in BlueOnyx to auto-block hosts that fail to login via SSH too many times? Something similar to the Failed Logins settings for the BlueOnyx login page but for SSH?
thanks
_______________________________________________ Blueonyx mailing list Blueonyx at mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20130109/45aeb81c/attachment-0001.html>
More information about the Blueonyx
mailing list