Running ssh on unreserved ports
Anne Wilson
annew at kde.org
Mon Feb 21 12:25:23 UTC 2011
On Sunday 20 February 2011 22:13:16 Patrick Kobly wrote:
> On 2011-02-20, at 9:05 AM, "Alex" <mysqlstudent at gmail.com> wrote:
> > Hi,
> >
> >>> Fail2ban is easy to set up, and I've seen it stop attempts here.
> >
> > Everything helps, but this is one that I wouldn't really rely on, in
> > case the log file format for ssh changed in some way, or the script
> > died and it wasn't noticed.
>
From the Fail2ban main page:
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log
and bans IP that makes too many password failures. It updates firewall rules
to reject the IP address.
Brute force attacks are stopped in their tracks. You configure how many
consecutive failures are allowed before blocking occurs. We all occasionally
mis-type a password or use the wrong password, but normally we only do that
once, so three or four consecutive failures are very suspect.
Anne
--
New to KDE Software? - get help from http://userbase.kde.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20110221/5ecbe4ab/attachment.bin
More information about the users
mailing list