[BlueOnyx:11962] Re: Blocking brute force SSH login attempts

Steffan mailinglist at tikklik.nl
Thu Jan 10 05:22:22 -05 2013 

Hello Greg,

 

Is the DFIX allready for 5107, in the past ity only worked on 5106

 

 

Thanxs


Steffan

 

Van: blueonyx-bounces at mail.blueonyx.it
[mailto:blueonyx-bounces at mail.blueonyx.it] Namens Greg Kuhnert
Verzonden: woensdag 9 januari 2013 20:43
Aan: BlueOnyx General Mailing List
Onderwerp: [BlueOnyx:11954] Re: Blocking brute force SSH login attempts

 

DFIX is a free product available from the new combined Compass / BlueOnyx /
Solarspeed stores. It blocks SSH brute force attacks and much more. To get
DFIX, you will need to register to one of the stores if you have not already
done so, and "purchase" the free bundle for $0. You can then install via
NewLinQ.

 

Note: Anyone who has previously had an account with either Solarspeed or
Compass, you should first try to reset your password in the new store - and
then connect to NewLinQ using the instructions at the link below. It is
important for all clients to perform this step to get access to any
updates/patches for any of your purchases.

 

The instructions to connect to NewLinQ are here.
http://www.compassnetworks.com.au/delivery

 

Regards,

Greg.

 

 

On 10/01/2013, at 1:14 AM, Fungal Style <wayin at hotmail.com> wrote:





As far as I know... yes and no....
 
BO will block accounts and IPs that are attempted to be brute forced, but
the account needs to exist, well that has been my experience....
 
I tend to use the iptables and block /32 or if it is from China or other
known hacking countries then a /24 is a minimum... 
 
I have been thinking of routing everything through a firewall or sorts so
that the hackers will usually hit it first then get the IP blocked (as all
other servers would be on a virtual LAN)... or something like that.... but
it needs more thought at this stage and I just dont have the time to look
too far into it.
 
If anyone has a good solution (preferrably free) then I am open to
suggestions too (much like most on this list I would assume).
 
HTH
 
Brian
 

  _____  

From: james at slor.net
To: blueonyx at blueonyx.it
Date: Wed, 9 Jan 2013 09:07:31 -0500
Subject: [BlueOnyx:11940] Blocking brute force SSH login attempts

Is there a simple way in BlueOnyx to auto-block hosts that fail to login via
SSH too many times?  Something similar to the Failed Logins settings for the
BlueOnyx login page but for SSH?

 

thanks


_______________________________________________ Blueonyx mailing list
Blueonyx at mail.blueonyx.ithttp://mail.blueonyx.it/mailman/listinfo/blueonyx

_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20130110/82101498/attachment.html>

More information about the Blueonyx mailing list