Limiting login SSH attempts?

John Feole jfeole at comcast.net
Sun Aug 29 19:16:02 EDT 2004


What about using TCPWrappers and the /etc/hosts.allow, /etc/hosts.deny 
functionality?

Regards,
JFeole
--

Bill McGonigle wrote:

> Hi, guys,
>
> Does anybody have a good recipe for limiting ssh login attempts per IP?
> The latest openssh has a limit on a per-connection basis but I need to 
> stop 3000 attempts per day coming in on discrete connections. The 
> source IP isn't fixed.
> I'll be using portsentry as well but since sshd is listening it 
> doesn't help this problem. An IDS would flag it, but I want to shut 
> down the IP that has more than, say 10, failures per day. I'd like to 
> do it locally, as opposed to a contrived script set launched by the IDS.
> It seems like something that ought to be straightforward and 
> frequently used but I didn't have much luck searching the mailing 
> lists or Google. I'm probably missing something obvious.
>
> Thanks,
> -Bill
>
> ----
> Bill McGonigle, Owner Work: 603.448.4440
> BFC Computing, LLC Home: 603.448.1668
> bill at bfccomputing.com Cell: 603.252.2606
> http://www.bfccomputing.com/ Text: bill+text at bfccomputing.com 





More information about the gnhlug-discuss mailing list