> From [email protected] Tue Nov 27 16:26:46 2012 > Date: Tue, 27 Nov 2012 17:25:08 -0500 > Subject: denyhosts, fail2ban, or something else? > From: Aleksandr Miroslav <[email protected]> > To: [email protected] > > Finally got sick of seeing tons of ssh break-in attempts in my logs. Am > considering using denyhosts, or fail2ban. Anyone have any experience > with these? > > I'm already using the AllowUsers facility of ssh to only allow specific > users in, so I'm not overly concerned about the attempts.
The single most effective method of reducng such log 'noise' is to run sshd on a non-standard port. Does NOT provide any added security; DOES reduce the noise. virtually _100%_effective_ at noise reduction. fail2ban is painlesss to install/configure. Helps with repeat stuff from he same source. Not much help with 'distributed' sources. I've used it, found "non-standard port" to be 'good enough for me'. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
