[Tfug] Stopping repeated login attempts
Jon
bigj at voipmogul.net
Wed Jan 27 17:33:57 MST 2010
JD Rogers wrote:
> aptitude install fail2ban
>
> JDR
>
>
> On Mon, Jan 25, 2010 at 11:57 PM, Louis Taber <ltaber at gmail.com> wrote:
>
>> Hi,
>>
>> Looking at my log files I am getting repeated login attempts from China. I
>> changed my NAT port setting in the router and it slowed down for a few
>> hours. What is the best way for dealing with this? I don't think a manual
>> solution will be the best.
>>
>> http://www.okean.com/antispam/iptables/rc.firewall.china has a list of
>> Chinese IP addresses for blocking spam.
>>
>> Denyhosts looks interesting: http://stats.denyhosts.net/stats.html
>>
>> What works best for the effort needed to set it up?
>> What is going to require the least long term maintenance?
>>
>> Thanks. - Louis
>>
>>
>>
>>
>> _______________________________________________
>> Tucson Free Unix Group - tfug at tfug.org
>> Subscription Options:
>> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>>
>>
>>
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
Fail2Ban or BFD/AFP (http://www.webhostgear.com/60.html)
Moving SSH to another port would be like moving the door on your house
to prevent burglars from kicking it in.
--
Jon
www.VoIPmogul.net
More information about the tfug
mailing list