9 Oct
2009
9 Oct
'09
8:41 p.m.
On Fri, 2009-10-09 at 20:35 +0200, Niki Kovacs wrote:
Hi,
I just set up a web server... and my bandwidth is being eaten by some chinese folks trying to brute-force-ssh their way into the machine.
Is there a simple way to banish either single IP addresses or, maybe even better, whole IP classes ? I know it's feasible with iptables, but is there something more easily configurable ?
---- Suggest you move ssh to another port (i.e. high numbered)
but whether you do or do not move the port sshd listens on, you should install a package like denyhosts which after a specified number of attempts, locks them out completely.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.