[clue-tech] Protecting against the ssh hack
Peter Kuykendall
PeterKuykendall at hotmail.com
Mon Sep 25 22:57:25 MDT 2006
I've had very good luck with DenyHosts, http://denyhosts.sourceforge.net/.
My thought is that if a certain IP address is playing games with my machine,
I want to ban it forever, and report it to a central blacklist so that
others can be wary of it. I don't want to wait until he finds some other
weakness in my setup, even if sshd is secure. I'm don't much care if the
guy who owns that machine is malicious or just infected; I don't want him to
connect to me either way.
So far there are about 3,000 IP addresses on the blacklist. My machine has
personally blacklisted about 25 in the first 4 or 5 days. After that then
all of the other crackers were already on the global blacklist, so I have
had no new discoveries since then.
- Pete
More information about the clue-tech
mailing list