fedora at dicker.nl
Sat Feb 11 22:38:10 UTC 2006
Ashley M. Kirchner wrote:
> I have SSH locked down (through hosts.deny/.allow) to only allow
> known IPs to connect. This was done to curb the rash of script kiddies
> banging on it with dictionary attacks. However, one of my users is on
> DHCP which means every so often I need to change his entry in my
> hosts.allow file. Bit of a pain when I'm not in town or near a machine
> to check e-mail. So the question is: is there some way to solve this
I use daemonshield. It's a nice daemon which dynamically adds a iptables
rule to block incoming ssh bursts from a particular IP address.
After a while the rule will be automatically deleted.
More information about the users