[clue-tech] Protecting against the ssh hack
Angelo Bertolli
angelo at freeshell.org
Mon Sep 25 23:41:39 MDT 2006
Peter Kuykendall wrote:
> I've had very good luck with DenyHosts, http://denyhosts.sourceforge.net/.
> My thought is that if a certain IP address is playing games with my machine,
> I want to ban it forever, and report it to a central blacklist so that
> others can be wary of it. I don't want to wait until he finds some other
> weakness in my setup, even if sshd is secure. I'm don't much care if the
> guy who owns that machine is malicious or just infected; I don't want him to
> connect to me either way.
>
> So far there are about 3,000 IP addresses on the blacklist. My machine has
> personally blacklisted about 25 in the first 4 or 5 days. After that then
> all of the other crackers were already on the global blacklist, so I have
> had no new discoveries since then.
What if someone is on a dynamic IP address from their ISP and you end up
blocking them, only later for someone else to get that IP?
More information about the clue-tech
mailing list