denying spam hosts ssh access - good idea?
SamanKaya at netscape.net
Mon Jan 11 14:14:39 UTC 2010
David Southwell wrote:
>> I'm thinking of denying ssh access to host from which
>> I get brute force ssh attacks.
>> However, I see in /etc/hosts.allow:
>> # Wrapping sshd(8) is not normally a good idea, but if you
>> # need to do it, here's how
>> #sshd : .evil.cracker.example.com : deny
>> Why is it not a good idea?
>> Also, apparently in older ssh there was DenyHosts option,
>> but no longer in the current version.
>> Is there a replacement for DenyHosts?
>> Or is there a good reason for such option not to be used?
>> many thanks
> I use denyhosts (/usr/ports/security/denyhosts); it works well for me. I also
> use blackhole and sshguard
Take a look at fail2ban:
This hooks into iptables and really does a nice job of preventing DoS
attacks from not just SSH but many other ports and protocols too.