Limiting login SSH attempts?
Jason Stephenson
jason at sigio.com
Sun Aug 29 19:51:01 EDT 2004
Bill McGonigle wrote:
> On Aug 29, 2004, at 19:07, John Feole wrote:
>
>> What about using TCPWrappers and the /etc/host.allow, /etc/hosts.deny
>> funtionality?
>
>
> I only know about the attack/host-ip after the fact so I can't just add
> it to the hosts.deny. Does TCPWrappers have some stateful rules?
If you know that legitimate ssh connections will only be coming from a
certain range of IPs, then you can deny everything but what is in your
hosts.allow. You don't have to worry about denying any specific IPs,
since you deny everything but what is specifically allowed.
More information about the gnhlug-discuss
mailing list