michael wrote: > On Thu, 2005-06-16 at 09:05 -0500, Thomas Stivers wrote: > >>I have been getting a huge number of attempts to log into my box via ssh >>which fail with invalid username entrys in the logs. Is there already a >>package which will let me look through the logs and dynamically add >>iptables rules to drop anything from these scanning addresses after >>something like 3 attempts. I know I can set up hosts.allow and >>hosts.deny to only allow ssh in from particular ip's, but I'd rather not >>do that. Any suggestions would be appreciated. >> > > > > I set up sshd_config to use a different port. That stopped them (for > now...) >
Maybe try port knocking. A google search should find. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
