Author: volswagn
Date: 28-06-07 23:23
I have a machine that I need to access at any given time, and I'm never quite sure from where I'm going to access it because I could be on the road when I have to ssh in.
I got sick of watching people try to hack my ssh password, so I found sshblack (http://www.pettingers.org/code/sshblack.html) which is VERY cool and which I've "adapted" to vsftp as well.
It monitors my ssh and/or vsftp logfiles for "Invalid" entries and after a certain number of tries, it just drops the packets from that IP for three days. You can set an IP whitelist as well. SSH I give them two tries. VSFTP I give them eight (since I often have to give out VSFTP accounts to end-users and I know they're more likely to mess up a password than I am).
Just another way to tackle the problem. Disable root access of course, then they only get one chance every three days to brute force your passwords. Not a chance in the world they'll be able to do that, and they'll grow frustrated long before they could ever do it.
|
|
