[lug] DOS ssh attacks
bluey at iguanaworks.net
Sat Jan 10 12:10:34 MST 2009
> > Another question is: any tricks we can use to slow down requests to
> > ssh so we don't get locked out?
I use denyhosts -- it's a script that looks at your log file and after X
failed attempts to login via ssh it blocks the IP in your firewall for a
specified period. Also nice if you don't really trust all the passwords
for ssh to withstand a rigorous dictionary attack (but doesn't stop a
distributed dictionary attack).
More information about the LUG