[olug] Eliminate risk for brute force root login attempts

Jeff Hinrichs - DM&T jeffh at dundeemt.com
Tue Aug 1 22:21:15 UTC 2006

+1 Denyhosts http://denyhosts.sourceforge.net/

Can do forever lockouts, timed lockouts and more.

On 8/1/06, Daniel Linder <dan at linder.org> wrote:
> On Tue, August 1, 2006 16:32, Carl Lundstedt wrote:
> > After going through my latest log files on my linux workstation at the
> > U. I'm getting hammered by brute force attacks.  Back in the day I found
> > a piece of software that detected these attacks on the fly and placed
> > the offending machines IP into an IPchains or IPtables bit bucket.  Thus
> > the machine would never respond to anything the machine sent there
> > after.
> Carefull what you wish for! :)  Someone might DOS your access to the
> system by spoofing multipple failed telnet attempts using your home IP
> address as the source.  Once your system has black-listed your address,
> they can try other methods to get on while you're locked out!
> There is a simple rate-limit feature in IPTables that can limit
> connections to "X/minute".  Search for "iptables limit limit-burst" for
> examples.
> Dan
> P.S. I prefer SSH keys for auth myself, no rate limiting/blacklisting needed.
> - - - -
> "Wait for that wisest of all counselors, time." -- Pericles
> "I do not fear computers, I fear the lack of them." -- Isaac Asimov
> "Soon we will be able to harness the rotational energy from Orwell's grave
> to solve all world energy problems." -- /. user GigsVT (208848)
> GPG fingerprint:6FFD DB94 7B96 0FD8 EADF  2EE0 B2B0 CC47 4FDE 9B68
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug

Jeff Hinrichs
Dundee Media & Technology, Inc
jeffh at dundeemt.com

More information about the OLUG mailing list