denying spam hosts ssh access - good idea?
mexas at bristol.ac.uk
Mon Jan 11 14:01:10 UTC 2010
I'm thinking of denying ssh access to host from which
I get brute force ssh attacks.
HOwever, I see in /etc/hosts.allow:
# Wrapping sshd(8) is not normally a good idea, but if you
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny
Why is it not a good idea?
Also, apparently in older ssh there was DenyHosts option,
but no longer in the current version.
Is there a replacement for DenyHOsts?
Or is there a good reason for such option not to be used?
Room 2.6, Queen's Building
Mech Eng Dept
University Walk, Bristol BS8 1TR, UK
Tel: +44 (0)117 331 5944
Fax: +44 (0)117 929 4423
More information about the freebsd-questions