hosts.deny script

Arthur Pemberton pemboa at gmail.com
Fri Jan 27 01:14:02 UTC 2006


On 1/26/06, John Summerfied <debian at herakles.homelinux.org> wrote:
>
> Steven J Lamb wrote:
> > I am trying to create a script to block people using hosts.deny. I
> > realize that I should just block everyone and then open access for those
> > whom I know I trust but because of the nature of our network this is not
> > possible. basically I check log files for login attempts every five
> > minutes and block those that attempt to log in more than 3 times that
> > day.
>
> This is too late. An automated attack may well be completed in this
> window of time.
>
> Instead, use another port as a door-knock: when someone tries to connect
> to <some port>, then allow connexions to ssh for a short time.
>
> Are there any benifits of doing this as opposed to changing the port used
for ssh?

--
As a boy I jumped through Windows, as a man I play with Penguins.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20060126/01064508/attachment-0002.html 


More information about the users mailing list