tightening ssh
Knute Johnson
knute at frazmtn.com
Tue Nov 22 02:14:16 UTC 2005
>
>What I did here for a while was run what amounts to a simple shell
>script that grabbed the IPs of the attacking machines and stuffed
>them into an IP-level filter against all traffic from that machine.
>This still allowed the attacker to have 5-10 seconds of fun, but life
>got really boring for them after that.
>
>-wolfgang
I found an idea that uses the recent module of iptables. Was easy to
write and works really well. The first connection gets through but
fails because of the public/private key setup and the second
connection is dropped. I know that it uses some CPU time, and that
isn't a consideration on my machine with only one user, but after two
tries they go away. Before I put the chains into iptables they would
attack for as much as an hour or more. I would guess that would use
more CPU over time.
Wolf: Thanks again for the instructions on the p/p key setup.
--
Knute Johnson
Molon Labe...
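
The behaviour described in this message (first new connection allowed, second dropped) can be reproduced with the iptables recent match as below. This is an added example, not the rules from the original post: port 22, the 60-second window, the list name sshprobe and the final ACCEPT rule are assumptions, and the function only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example (not from the original post): print iptables commands that use
# the "recent" match to drop repeat new SSH connections from one source.
# Port, window, hit count and list name are assumptions; the post gives none.

# ssh_recent_rules PORT SECONDS HITCOUNT [LISTNAME]
# Writes the commands to stdout; returns 1 on an invalid argument.
ssh_recent_rules() {
    port=$1 secs=$2 hits=$3 list=${4:-sshprobe}
    for n in "$port" "$secs" "$hits"; do
        case $n in
            ''|*[!0-9]*|0) echo "bad numeric argument: '$n'" >&2; return 1 ;;
        esac
    done
    [ "$port" -le 65535 ] || { echo "port out of range: $port" >&2; return 1; }
    case $list in
        ''|*[!A-Za-z0-9_]*) echo "bad list name: '$list'" >&2; return 1 ;;
    esac
    new="-p tcp --dport $port -m state --state NEW"
    # Rule 1 has no -j target: it only records the source address and a
    # timestamp in the named list, then evaluation continues with rule 2.
    echo "iptables -A INPUT $new -m recent --name $list --set"
    # Rule 2 matches once the source has HITCOUNT entries inside the window.
    # Rule 1 already counted this packet, so HITCOUNT=2 drops the second new
    # connection. --update refreshes the timestamp on a match, so a host that
    # keeps retrying stays blocked until it has been quiet for SECONDS.
    echo "iptables -A INPUT $new -m recent --name $list --update --seconds $secs --hitcount $hits -j DROP"
    # Rule 3 lets the remaining (first) connection reach sshd.
    echo "iptables -A INPUT $new -j ACCEPT"
}

# Dry run: port 22, 60-second window, drop from the second new connection on.
ssh_recent_rules 22 60 2
```

The order of the first two rules matters: with --update placed before --set, the same hit count would let two connections through before dropping the third.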