denyhosts, fail2ban, or something else?
Damien Fleuriot
ml at my.gd
Thu Nov 29 09:25:33 UTC 2012
On 27 November 2012 23:25, Aleksandr Miroslav <alexmiroslav at gmail.com> wrote:
> Finally got sick of seeing tons of ssh break-in attempts in my logs. Am
> considering using denyhosts, or fail2ban. Anyone have any experience
> with these?
>
> I'm already using the AllowUsers facility of ssh to only allow specific
> users in, so I'm not overly concerned about the attempts.
>
> This is for a FreeBSD 8.x box running pf, btw.
>
Since nobody has mentioned it, I'll point you to sshguard.
It integrates with PF or IPFW and does the job.
As for AllowUsers, that's a good thing, I'm going that as well.
Some might argue that it's overkill, well let me tell you, virtually
nothing is overkill when it aims at preventing unauthorized SSH access
to your box.
More information about the freebsd-questions
mailing list