What about using TCPWrappers and the /etc/hosts.allow, /etc/hosts.deny
functionality?
Regards,
JFeole
--
Bill McGonigle wrote:
Hi, guys,
Does anybody have a good recipe for limiting ssh login attempts per IP?
The latest openssh has a limit on a per-connection basis but I need to
stop 3000 attempts per day coming in on discrete connections. The
source IP isn't fixed.
I'll be using portsentry as well but since sshd is listening it
doesn't help this problem. An IDS would flag it, but I want to shut
down the IP that has more than, say 10, failures per day. I'd like to
do it locally, as opposed to a contrived script set launched by the IDS.
It seems like something that ought to be straightforward and
frequently used but I didn't have much luck searching the mailing
lists or Google. I'm probably missing something obvious.
Thanks,
-Bill
----
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
[EMAIL PROTECTED] Cell: 603.252.2606
http://www.bfccomputing.com/ Text: [EMAIL PROTECTED]
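One way to combine the two messages above (a per-IP daily failure limit, enforced locally through /etc/hosts.deny), as an added example that is not part of the original thread. It assumes sshd is built with TCP Wrappers (libwrap) support and logs OpenSSH's standard "Failed password" lines; the host name `gw`, the addresses, and the function names are constructed for the example.

```python
import re
from collections import Counter

# Threshold from the question ("more than, say 10, failures per day").
MAX_FAILURES_PER_DAY = 10

# OpenSSH "Failed password" syslog line. The user name is remote-controlled text,
# so the pattern is anchored at the end of the line and the greedy ".*" makes the
# LAST "from <ip> port <n>" the one that is captured.
FAILED = re.compile(
    r"^(?P<day>\w{3}\s+\d{1,2}) \d\d:\d\d:\d\d \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?.* "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+(?: ssh2)?$"
)

def failures_per_day(lines):
    """Count failed password attempts per (day, source IP)."""
    counts = Counter()
    for line in lines:
        m = FAILED.match(line.rstrip("\n"))
        if m:
            counts[(m.group("day"), m.group("ip"))] += 1
    return counts

def hosts_deny_entries(lines, limit=MAX_FAILURES_PER_DAY, never_block=()):
    """hosts.deny lines for every IP with more than `limit` failures on one day."""
    offenders = {ip for (_, ip), n in failures_per_day(lines).items()
                 if n > limit and ip not in never_block}
    return [f"sshd: {ip}" for ip in sorted(offenders)]

def sample_log():
    """Constructed log lines (documentation addresses, hypothetical host 'gw')."""
    noisy = [f"Jun  3 02:{i:02d}:11 gw sshd[{4000 + i}]: Failed password for invalid "
             f"user admin from 203.0.113.7 port {50000 + i} ssh2" for i in range(11)]
    quiet = [f"Jun  3 09:0{i}:40 gw sshd[{5000 + i}]: Failed password for bill "
             f"from 198.51.100.20 port {41000 + i} ssh2" for i in range(3)]
    # User name that itself contains "from <ip> port <n>"; the peer is the last address.
    odd = [f"Jun  3 11:{i:02d}:00 gw sshd[{6000 + i}]: Failed password for invalid user "
           f"x from 192.0.2.1 port 22 ssh2 from 203.0.113.9 port {42000 + i} ssh2"
           for i in range(12)]
    return noisy + quiet + odd

if __name__ == "__main__":
    print("\n".join(hosts_deny_entries(sample_log())))
```

Run from a daily cron job against the sshd log and append the returned lines to /etc/hosts.deny. Put your own addresses in `never_block` so a few mistyped passwords cannot lock you out.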