[mythtv-users] Semi-OT: Blocking Brute Force SSH attacks
Brian Foddy
bfoddy at visi.com
Sat Oct 20 03:07:28 UTC 2007
On Friday 19 October 2007, Chris Ribe wrote:
> > I've created a small php webpage that I run on my linux router that lets
> > me log in and dynamically add a rule to iptables on the fly
>
> Secured how? I'm neither particularly paranoid nor a security expert, but
> giving php root access (or anyone else iptables access) doesn't sound like
> an improvement over anything.
>
>
> -chris
Check out sshblack.v28. I run it on my linux firewall and it very
effectively slams the firewall door on my unwelcome hackers.
I'm even on the ntp pool, which more than double my hack
attempts, so I upped the penalty box time to 15 days and blocked
ALL traffic (not just connection requests) from the offender. I
figure a ntp user trys to hack me, why should I give them the
time-of-day. I also log all blacklists, and occasionally check for
dupes. One shmuck tried 5 consecutive times, so I'm permanently
blocking him.
Brian
More information about the mythtv-users
mailing list