limit ssh attempts

Peter plp-ysDPMY98cNQDDBjDh4tngg at public.gmane.org
Mon Nov 28 20:10:33 UTC 2005


On Mon, 28 Nov 2005, lfeder wrote:

> I thought about accepting ssh from only specific IPs. However this would
> prevent remote logins from a new location. And you know how that is. Just
> when you absolutely need to login remotely, your own server locks you out.
> So I figured on plan B. To limit the amount of bad SSH attempts. I used to
> see hundreds of bad sshd attempts on all kinds of servers. No one needs
> this.  Thus I found these iptables that prevent multiple ssh attempts and
> DROP them like a bad habit.
>
> BTW,
> I always make important passwords with a lot of alphanumerics.
> I don't think uppercase/lowercase and all kinds of complexity is that
> important, rather just keep it out of the normal dictionary
>
> As always, I welcome feedback and improvements.

Imho, examine the procedure known as port knocking. This can be used to 
send a subliminal 'Sesame Open' message to a server's firewall (using a 
suitable daemon).

Peter
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
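
The port-knocking idea suggested in the reply above, sketched as an added example that is not part of the original message and not the code of any real knock daemon. It shows the per-source state a daemon has to keep before it opens SSH in the firewall. The port sequence, the timings and all names are assumptions, and the traffic is constructed.

```python
from dataclasses import dataclass, field

# Assumed values, for illustration only.
KNOCK_SEQUENCE = (7000, 8000, 9000)  # secret ports, in order
KNOCK_WINDOW = 10.0   # seconds allowed to finish the sequence
OPEN_SECONDS = 30.0   # how long SSH stays open for that source
SSH_PORT = 22

@dataclass
class KnockTracker:
    progress: dict = field(default_factory=dict)  # src -> (next index, first-knock time)
    allowed: dict = field(default_factory=dict)   # src -> grant expiry time

    def packet(self, ts, src, dport):
        """Return the verdict ('ACCEPT'/'DROP') for one inbound SYN."""
        if dport == SSH_PORT:
            return "ACCEPT" if self.allowed.get(src, 0.0) > ts else "DROP"
        idx, started = self.progress.get(src, (0, ts))
        if idx and ts - started > KNOCK_WINDOW:
            idx, started = 0, ts              # too slow: start over
        if dport == KNOCK_SEQUENCE[idx]:
            idx += 1
            if idx == len(KNOCK_SEQUENCE):
                self.allowed[src] = ts + OPEN_SECONDS
                self.progress.pop(src, None)
            else:
                self.progress[src] = (idx, started)
        elif dport == KNOCK_SEQUENCE[0]:
            self.progress[src] = (1, ts)      # wrong port, but a fresh first knock
        else:
            self.progress.pop(src, None)      # any other port resets progress
        return "DROP"                         # knock ports themselves never answer

# Constructed sample traffic: (time, source, destination port).
EVENTS = [
    (1.0, "198.51.100.7", 7000),
    (2.0, "198.51.100.7", 8000),
    (3.0, "198.51.100.7", 9000),   # sequence complete within the window
    (4.0, "198.51.100.7", 22),     # SSH is open for this source only
    (6.0, "203.0.113.9", 7000),
    (6.5, "203.0.113.9", 7001),    # port sweep: the stray port resets progress
    (7.0, "203.0.113.9", 8000),
    (7.5, "203.0.113.9", 9000),
    (8.0, "203.0.113.9", 22),      # still closed
    (40.0, "198.51.100.7", 22),    # grant expired after OPEN_SECONDS
]

def replay(events):
    tracker = KnockTracker()
    return [tracker.packet(*e) for e in events]
```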




