I have been using fail2ban to limit the attacks. It works exactly as they advertise and I am happy with it.
-- Andrew
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Bo Lynch Sent: Monday, July 21, 2008 2:43 PM To: centos@centos.org Subject: [CentOS] Ideas for stopping ssh brute force attacks
just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and sshdfilter. Just wanted to know if anyone had any experience with anything like these programs or have any other advice. I really appreciate it.
-- Bo Lynch
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos