- Posts: 4
- Thank you received: 0
Shutdown ssh brute-force password attacks
19 years 1 week ago #11360
by MobyChien
Shutdown ssh brute-force password attacks was created by MobyChien
Whenever you opened ssh access, you know you are inviting ssh brute-force attacks. I am not allowing password authentication (only Public/private key authentication) so I am relatively safe by now, but these attacks are annoying. Is there any way (e.g. using Linux firewall rules), to automatically shutdown the attack connections?
19 years 1 week ago #11381
by DaLight
Replied by DaLight on topic Re: Shutdown ssh brute-force password attacks
If you will be logging in from predetermined locations, you could allow external access based on IP or subnet. Alternatively, if you get this attacks quite frequently, you could also use iptables' rate limiting rules which allow you to specify how often you allow connections of a particular type.
19 years 1 week ago #11382
by RedRanger
RedRanger
"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."
Be Awesome
Replied by RedRanger on topic Re: Shutdown ssh brute-force password attacks
Alright, if you have a cisco router, then you can set what is called an access control list (ACL). They are very useful and effective.
RedRanger
"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."
Be Awesome
- christiaan
- Offline
- Junior Member
Less
More
- Posts: 26
- Thank you received: 0
19 years 1 week ago #11386
by christiaan
Replied by christiaan on topic Re: Shutdown ssh brute-force password attacks
Try this
denyhosts.sourceforge.net/
or read this
www.linux.com/article.pl?sid=05/09/15/1655234
Time to create page: 0.121 seconds