On Thu, 2005-06-16 at 09:05 -0500, Thomas Stivers wrote: > I have been getting a huge number of attempts to log into my box via ssh > which fail with invalid username entrys in the logs. Is there already a > package which will let me look through the logs and dynamically add > iptables rules to drop anything from these scanning addresses after > something like 3 attempts. I know I can set up hosts.allow and > hosts.deny to only allow ssh in from particular ip's, but I'd rather not > do that. Any suggestions would be appreciated. >
I set up sshd_config to use a different port. That stopped them (for now...) -- Michael Bane Atmospheric Physics Group University of Manchester -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
