I am running Ubuntu server edition and was surprised to see so many attacks on my /var/log/auth.log*
# zcat /var/log/auth.log.* | grep Failed | less I think if Ubuntu wants to push the server to the next level it must ensure security, reliability and speed. Is there a reason why and IP blocker tool is not integrated with the sshd daemon? Should I open a feature request and propose this on Feisty+1 or do you think that this is something that the sysadmin should configure him/herself if needed? We could use the fail2ban tool suggested above but these are other tools that seem to do a similar job. Unfortunately we do not have packages for any of them: sshguard: http://sshguard.sourceforge.net/ http://www.linux.com/article.pl?sid=07/02/27/1957242 BlockSSHD: http://blocksshd.sourceforge.net/ sshdfilter: http://www.csc.liv.ac.uk/~greg/sshdfilter/ -- blacklist hosts after 3 wrong password https://launchpad.net/bugs/77943 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
