[CentOS] Simple way to banish IP addresses ?
craigwhite at azapple.com
Fri Oct 9 19:41:55 UTC 2009
On Fri, 2009-10-09 at 20:35 +0200, Niki Kovacs wrote:
> I just set up a web server... and my bandwidth is being eaten by some
> chinese folks trying to brute-force-ssh their way into the machine.
> Is there a simple way to banish either single IP addresses or, maybe
> even better, whole IP classes ? I know it's feasible with iptables, but
> is there something more easily configurable ?
Suggest you move ssh to another port (i.e. high numbered)
but whether you do or do not move the port sshd listens on, you should
install a package like denyhosts which after a specified number of
attempts, locks them out completely.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the CentOS