SSH hank attempts? bad?

Scott Paul Robertson spr at mahonri5.net
Tue Apr 11 21:57:12 MDT 2006


On Tue, Apr 11, 2006 at 08:55:56PM -0600, Wade Preston Shearer wrote:
> My server can get up ~12,000 [1] failed log in attempts recorded in  
> my server's logs in one day. How much of a concern should this be? I  
> am aware of restricting shell access to certain IPs. Will that  
> restrict the handshake or will I still see the attempts in my logs?  
> Are there any ways to restrict the attempts?
> 
> 

I use denyhosts to take care of it for me. It uses the /etc/hosts.deny
file to block, and watches the log to add things.

I've also restricted sshd with and AllowUsers statement.

I only get 10 or so attempts a day now.

-- 
Scott Paul Robertson
http://spr.mahonri5.net
GnuPG FingerPrint: 09ab 64b5 edc0 903e 93ce edb9 3bcc f8fb dc5d 7601
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://plug.org/pipermail/plug/attachments/20060411/c21ff474/attachment.bin 


More information about the PLUG mailing list