Dos attack on SSH
Tim Van Dyne
Tim.VanDyne at valleyair.org
Mon Jul 12 16:13:13 UTC 2010
>Tanweer Noor wrote:
>> use /etc/hosts.allow option for ssh and for Apache check your
httpd.conf
>> file for options.
>>
>fail2ban.
> mark
Denyhosts is what I've used for a few years. Works great & fills up the
/etc/hosts.deny file.
Although like stated above using a block-first policy with added allows
in the hosts.allow file you wouldn't need another app. Changing the
SSHD port to something else like 222 actually drops breakin attempts
down to nothing obviously because they're scanning for 22 and don't even
pick you up most of the time.
More information about the redhat-list
mailing list