[olug] Eliminate risk for brute force root login attempts
Daniel Pfile
daniel at pfile.net
Tue Aug 1 21:40:45 UTC 2006
Try denyhosts:
http://denyhosts.sourceforge.net/
Also, remember to disable remote root logins in ssh.
If you have a small number of users, set up AllowUsers for the users you
have.
Even better, if it's an option, turn on mandatory key authentication.
-- Daniel
PS: I'll actually be at the OLUG meeting tonight. Hooray!
Carl Lundstedt wrote:
> After going through my latest log files on my linux workstation at the
> U. I'm getting hammered by brute force attacks. Back in the day I found
> a piece of software that detected these attacks on the fly and placed
> the offending machines IP into an IPchains or IPtables bit bucket. Thus
> the machine would never respond to anything the machine sent there
> after.
>
> I can no longer recall what it was called, does anyone know what that
> was called? Is there a simple, 10 minute, way to set this up?
>
> Is there a way to detect numerous attempts from a machine and lock the
> machine out forever any other way?
>
>
>> Is there a way to limit login attempts to 5 with a 30 minute timeout for
>> example with a root login?
>>
>> Thanks,
>>
>> Daryl
>>
>>
>> Carl Lundstedt
>> University of Nebraska, Lincoln
>> Department of Physics & Astronomy
>> Ferguson 106
>> (402) 472-6014
>>
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>
More information about the OLUG
mailing list