The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Stop the attempts as well
Author: volswagn 
Date:   28-06-07 23:23

I have a machine that I need to access at any given time, and I'm never quite sure from where I'm going to access it because I could be on the road when I have to ssh in.

I got sick of watching people try to hack my ssh password, so I found sshblack ( which is VERY cool and which I've "adapted" to vsftp as well.

It monitors my ssh and/or vsftp logfiles for "Invalid" entries and after a certain number of tries, it just drops the packets from that IP for three days. You can set an IP whitelist as well. SSH I give them two tries. VSFTP I give them eight (since I often have to give out VSFTP accounts to end-users and I know they're more likely to mess up a password than I am).

Just another way to tackle the problem. Disable root access of course, then they only get one chance every three days to brute force your passwords. Not a chance in the world they'll be able to do that, and they'll grow frustrated long before they could ever do it.

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum