DragonFly BSD
DragonFly users List (threaded) for 2005-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Note to LEAF users on ssh logins

From: Garance A Drosihn <drosih@xxxxxxx>
Date: Thu, 3 Mar 2005 18:00:32 -0500

At 7:23 PM -0800 3/2/05, Matthew Dillon wrote:
    Leaf and, in fact, all of my machines which have open ssh
    ports are getting random hack attempts, about 20-30 a day in
    short bursts, usually from a different IP address each day.

    I am rather disquieted by the continuous attempts so I have
    written and intalled a little program to monitor the syslog
    which will automatically block failed password or illegal
    user login attempts.

A friend of mind recently wrote something similar, using perl. His was written for FreeBSD and ipfw, but would be easy to adapt. The main difference is that his setup supports the idea that these ipfw rules should expire after awhile.


I haven't used this at all, but a few of my friends have been
using it for a few weeks, so it might be interesting to look at.

Garance Alistair Drosehn            =   gad@xxxxxxxxxxxxxxxxxxxx
Senior Systems Programmer           or  gad@xxxxxxxxxxx
Rensselaer Polytechnic Institute    or  drosih@xxxxxxx

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]