DragonFly users List (threaded) for 2005-03
Re: Note to LEAF users on ssh logins
At 7:23 PM -0800 3/2/05, Matthew Dillon wrote:
Leaf and, in fact, all of my machines which have open ssh
ports are getting random hack attempts, about 20-30 a day in
short bursts, usually from a different IP address each day.
I am rather disquieted by the continuous attempts so I have
written and intalled a little program to monitor the syslog
which will automatically block failed password or illegal
user login attempts.
A friend of mind recently wrote something similar, using perl.
His was written for FreeBSD and ipfw, but would be easy to
adapt. The main difference is that his setup supports the
idea that these ipfw rules should expire after awhile.
I haven't used this at all, but a few of my friends have been
using it for a few weeks, so it might be interesting to look at.
Garance Alistair Drosehn = gad@xxxxxxxxxxxxxxxxxxxx
Senior Systems Programmer or gad@xxxxxxxxxxx
Rensselaer Polytechnic Institute or drosih@xxxxxxx