[CentOS] Simple way to banish IP addresses ?
Craig White
craigwhite at azapple.com
Fri Oct 9 18:41:55 UTC 2009
On Fri, 2009-10-09 at 20:35 +0200, Niki Kovacs wrote:
> Hi,
>
> I just set up a web server... and my bandwidth is being eaten by some
> chinese folks trying to brute-force-ssh their way into the machine.
>
> Is there a simple way to banish either single IP addresses or, maybe
> even better, whole IP classes ? I know it's feasible with iptables, but
> is there something more easily configurable ?
----
Suggest you move ssh to another port (i.e. high numbered)
but whether you do or do not move the port sshd listens on, you should
install a package like denyhosts which after a specified number of
attempts, locks them out completely.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the CentOS
mailing list