[Wylug-help] Security log message
chris at ascent.plus.com
chris at ascent.plus.com
Mon Mar 10 11:38:01 GMT 2008
>> ssh certainly gets a pounding from brute force attempts. That was why I
>> was
>> tempted by rate limiting it.
>
> It certainly does. I tend to run SSH on unconventional ports because of
> this. I see lots and lots of dictionary attacks.
>
> james
Have you tried using fail2ban:
http://www.fail2ban.org/wiki/index.php/Main_Page
I have used it successfully. It bans IP addresses for a length of time if
three unsuccessful attempts are made.
Fail2ban works well with Logwatch. Logwatch gives a daily email report of
various aspects of your system.
Chris.
More information about the Wylug-help
mailing list