Tirsdag 24 april 2007 13:12 skrev Matthew Stringer:
Hi,
I've seen the Pam modules for SSH which allow you to restrict brute force attacks by blocking users after a determined number and frequency of failed log ins.
Does anyone know if there's a similar module that blocked the source IP of a repeated failed log in attempt?
My servers are public facing constantly get brute-force attacks they use random usernames and passwords in an attempt to gain access. But as they often come from a static IP, I think it would be useful if I could automatically identify and block these source IP's from logging in via SSH.
Anyone done such a thing and if so is there a module for Pam I could download rather than having to create something.
Regards
Matthew
http://denyhosts.sourceforge.net/ :-) -- ------------------------------------------------------------------------- Med venlig hilsen/Best regards Verner Kjærsgaard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org