Joop Beris wrote:
On Saturday 03 October 2009 17:16:09 Per Jessen wrote:
I've just remembered the only drawback - using rsync, scp and others who use ssh under the covers does become a little tiresome, but I think both rsync and scp have environment variables that'll set a usable default so you don't have to specify the new port all the time.
Fail2ban is your friend: http://www.fail2ban.org/wiki/index.php/Main_Page
I use it to protect my home server against SSH and Apache attacks. Works like a charm and I don't have to use the "security through obscurity" approach by running my ssh daemon on a different port. Sure, it will stop scripted attacks, but it breaks rsync et al.
HTH,
Joop
You've misinterpreted the entire thread. Slow distributed ssh attacks go right thru Fail2ban, because they don't hit you from the same address and they don't hit you in quick succession. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org