The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]

 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Stop the attempts as well
Author: volswagn 
Date:   28-06-07 23:23

I have a machine that I need to access at any given time, and I'm never quite sure from where I'm going to access it because I could be on the road when I have to ssh in.

I got sick of watching people try to hack my ssh password, so I found sshblack (http://www.pettingers.org/code/sshblack.html) which is VERY cool and which I've "adapted" to vsftp as well.

It monitors my ssh and/or vsftp logfiles for "Invalid" entries and after a certain number of tries, it just drops the packets from that IP for three days. You can set an IP whitelist as well. SSH I give them two tries. VSFTP I give them eight (since I often have to give out VSFTP accounts to end-users and I know they're more likely to mess up a password than I am).

Just another way to tackle the problem. Disable root access of course, then they only get one chance every three days to brute force your passwords. Not a chance in the world they'll be able to do that, and they'll grow frustrated long before they could ever do it.

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org