[BlueOnyx:11954] Re: Blocking brute force SSH login attempts

Greg Kuhnert gkuhnert at compassnetworks.com.au
Wed Jan 9 14:43:00 -05 2013 

DFIX is a free product available from the new combined Compass / BlueOnyx / Solarspeed stores. It blocks SSH brute force attacks and much more. To get DFIX, you will need to register to one of the stores if you have not already done so, and "purchase" the free bundle for $0. You can then install via NewLinQ.

Note: Anyone who has previously had an account with either Solarspeed or Compass, you should first try to reset your password in the new store - and then connect to NewLinQ using the instructions at the link below. It is important for all clients to perform this step to get access to any updates/patches for any of your purchases.

The instructions to connect to NewLinQ are here. http://www.compassnetworks.com.au/delivery

Regards,
Greg.


On 10/01/2013, at 1:14 AM, Fungal Style <wayin at hotmail.com> wrote:

> As far as I know... yes and no....
>  
> BO will block accounts and IPs that are attempted to be brute forced, but the account needs to exist, well that has been my experience....
>  
> I tend to use the iptables and block /32 or if it is from China or other known hacking countries then a /24 is a minimum... 
>  
> I have been thinking of routing everything through a firewall or sorts so that the hackers will usually hit it first then get the IP blocked (as all other servers would be on a virtual LAN)... or something like that.... but it needs more thought at this stage and I just dont have the time to look too far into it.
>  
> If anyone has a good solution (preferrably free) then I am open to suggestions too (much like most on this list I would assume).
>  
> HTH
>  
> Brian
>  
> From: james at slor.net
> To: blueonyx at blueonyx.it
> Date: Wed, 9 Jan 2013 09:07:31 -0500
> Subject: [BlueOnyx:11940] Blocking brute force SSH login attempts
> 
> Is there a simple way in BlueOnyx to auto-block hosts that fail to login via SSH too many times?  Something similar to the Failed Logins settings for the BlueOnyx login page but for SSH?
>  
> thanks
> 
> _______________________________________________ Blueonyx mailing list Blueonyx at mail.blueonyx.ithttp://mail.blueonyx.it/mailman/listinfo/blueonyx
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20130110/09877ace/attachment.html>

More information about the Blueonyx mailing list