[olug] Eliminate risk for brute force root login attempts

Daniel Pfile daniel at pfile.net
Tue Aug 1 21:40:45 UTC 2006

Try denyhosts:


Also, remember to disable remote root logins in ssh.

If you have a small number of users, set up AllowUsers for the users you 

Even better, if it's an option, turn on mandatory key authentication.

-- Daniel

PS: I'll actually be at the OLUG meeting tonight. Hooray!

Carl Lundstedt wrote:
> After going through my latest log files on my linux workstation at the
> U. I'm getting hammered by brute force attacks.  Back in the day I found
> a piece of software that detected these attacks on the fly and placed
> the offending machines IP into an IPchains or IPtables bit bucket.  Thus
> the machine would never respond to anything the machine sent there
> after.
> I can no longer recall what it was called, does anyone know what that
> was called?  Is there a simple, 10 minute, way to set this up?
> Is there a way to detect numerous attempts from a machine and lock the
> machine out forever any other way?
>> Is there a way to limit login attempts to 5 with a 30 minute timeout for
>> example with a root login?  
>> Thanks,
>> Daryl
>> Carl Lundstedt
>> University of Nebraska, Lincoln
>> Department of Physics & Astronomy
>> Ferguson 106
>> (402) 472-6014
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug

More information about the OLUG mailing list