On 12/26/05, Carlos E. R. <robin1.listas@tiscali.es> wrote:
> I just tried the trick I mentioned the other day, making use of the "recent" module for iptables, and it works. It allows me to try six times in a minute, and the seventh it blocks me. It can be adjusted. This is what I see on the log for failed tries:

Yes, this worked beautifully on my test box, but when I implemented it on my production box, the firewall permanently blocked all ssh access for some reason. I have not been able to figure out why. Being a production box, I cannot afford to play around with it too much, so I had to take option 2 (change ssh port) until I can find time again when fidgeting with the firewall won't affect service too much.

--
Andre Truter | Software Engineer | Registered Linux user #185282
ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.za.org
~ A dinosaur is a salamander designed to Mil Spec ~
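
One way to write the kind of rule set the quoted message describes (six new connections a minute allowed, the seventh logged and dropped), added here as an example; it is not the configuration either poster used. The chain name `SSH_LIMIT`, the list name `ssh` and the log prefix are assumptions, and the script only prints the commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that rate-limit new SSH
# connections per source address with the "recent" match.
# SSH_LIMIT, the list name "ssh" and the log prefix are assumed names.

ssh_limit_rules() {
    port=${1:-22}       # SSH port
    seconds=${2:-60}    # length of the counting window
    allowed=${3:-6}     # attempts allowed inside the window
    hit=$((allowed + 1))   # the attempt after the last allowed one is dropped

    # The recent match remembers 20 timestamps per address by default
    # (module parameter ip_pkt_list_tot), so it cannot count higher than that.
    if [ "$hit" -gt 20 ]; then
        echo "hitcount $hit exceeds the default ip_pkt_list_tot of 20" >&2
        return 1
    fi

    # Rule order matters:
    #  1. the jump is inserted at the top of INPUT so no earlier ACCEPT for
    #     this port bypasses the limit; it only matches NEW connections, so
    #     established sessions are never counted
    #  2. --set records every new attempt, dropped ones included, so a source
    #     that keeps retrying stays over the limit until it slows down
    #  3. --rcheck tests the count without adding a second timestamp
    cat <<EOF
iptables -N SSH_LIMIT
iptables -I INPUT -p tcp --dport $port -m state --state NEW -j SSH_LIMIT
iptables -A SSH_LIMIT -m recent --name ssh --set
iptables -A SSH_LIMIT -m recent --name ssh --rcheck --seconds $seconds --hitcount $hit -j LOG --log-prefix "ssh-limit: "
iptables -A SSH_LIMIT -m recent --name ssh --rcheck --seconds $seconds --hitcount $hit -j DROP
iptables -A SSH_LIMIT -j ACCEPT
EOF
}

# Usage: sh ssh-limit.sh [port] [seconds] [allowed-attempts]
ssh_limit_rules "$@"
```

On a remote machine, review the printed rules and keep an existing session open while loading them; the per-address state can be inspected in `/proc/net/xt_recent/ssh` (`/proc/net/ipt_recent/ssh` on older kernels).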