tightening ssh

[oleksandr korneta]

on 11/19/2005 07:47 AM Claude Jones wrote:
> I've been reading up, and talking up, various security strategies. One thing 
> that is striking to me in looking at logs for my servers are the endless ssh 
> probes that go on. It appears to be one of the most common. Up till recently, 
http://denyhosts.sourceforge.net/

<quote>
DenyHosts is a script intended to be run by Linux system administrators 
to help thwart ssh server attacks.

If you've ever looked at your ssh log (/var/log/secure on Redhat, 
/var/log/auth.log on Mandrake, etc...) you may be alarmed to see how 
many hackers attempted to gain access to your server. Hopefully, none of 
them were successful (but then again, how would you know?). Wouldn't it 
be better to automatically prevent that attacker from continuing to gain 
entry into your system?
</quote>

I'm using it for couple months. Simple installation, couple minutes for 
modification of config file and it works like a charm.

-- 
regards,
Oleksandr Korneta