[mythtv-users] Semi-OT: Blocking Brute Force SSH attacks
Brian Wood
beww at beww.org
Fri Oct 19 17:02:16 UTC 2007
Jay R. Ashworth wrote:
> If you've tunneled SSH traffic through to your Mythbox, you're likely
> the target of brute-force SSH attacks, some of which might well work.
>
> The most elegant solution I've found so far is here:
>
> http://www.la-samhna.de/library/brutessh.html#5
>
> This won't block attacks that "know" about a specific bug in your sshd,
> so you need to stay updated, but for the dictionary attacks it will
> work nicely, and it'll sure keep your logs from growing without
> bounds...
Some good point there.
You can automate some of them by using "fail2ban", but I don't suggest
using it if you are prone to typos, you can lock yourself out :-)
Personally I use an external firewall to only allow ssh packets from
specified IP addresses, but in my case I can predict from which
addresses I will want to log in, some folks don't have that advantage.
beww
beww
More information about the mythtv-users
mailing list