[CentOS] Ideas for stopping ssh brute force attacks

Mon Jul 21 20:56:12 UTC 2008
Lundgren, Andrew <Andrew.Lundgren at Level3.com>

I have been using fail2ban to limit the attacks.  It works exactly as they advertise and I am happy with it.

--
Andrew

> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Bo Lynch
> Sent: Monday, July 21, 2008 2:43 PM
> To: centos at centos.org
> Subject: [CentOS] Ideas for stopping ssh brute force attacks
>
> just wanted to get some feedback from the community. Over the last few
> days I have noticed my web server and email box have
> attempted to ssh'd to
> using weird names like admin,appuser,nobody,etc.... None of these are
> valid users. I know that I can block sshd all together with
> iptables but
> that will not work for us. I did a little research on google and found
> programs like sshguard and sshdfilter. Just wanted to know if
> anyone had
> any experience with anything like these programs or have any
> other advice.
> I really appreciate it.
>
> --
> Bo Lynch
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>