[CentOS] SSH attacks from china

Fri Jul 24 11:04:31 UTC 2009
Andreas Rehmer <rehmer at teltarif.de>


i am using the following way to dissallow ssh connects without having the 
Problem of specific IPs or something else.

Before you get access to the machine you must visit a webpage protected by 
httpauth. This start a small script that put the Remote Adress into a 
list. Only if your ip is on the list and not older than 5 min. you gain 
access via ssh.

For this i used only iptables the Skript and apache.
The only Problem is when the httpd hangs on.

If you want more Information write me.

Reg. Rehmer

rehmer at teltarif.de