LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-20-2009, 08:22 PM   #1
dudeman41465
Member
 
Registered: Jun 2005
Location: Kentucky
Distribution: Ubuntu
Posts: 794

Rep: Reputation: 56
Autoban for Personal SSH Server


I have SSH running on my personal home server so if I need to make a change, create an ftp username for somebody, or just troubleshoot it when my wife calls and says the printer isn't working. However I've noticed my log file is getting crammed with failed login attempts. Is there a way to have my server automatically ban a host/IP after a given number of failed logon attempts?

Edit: It's running Ubuntu Server 9.10 with the default ufw firewall.

Last edited by dudeman41465; 11-20-2009 at 08:23 PM. Reason: Added server info
 
Old 11-20-2009, 08:47 PM   #2
MS3FGX
LQ Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 357Reputation: 357Reputation: 357Reputation: 357
There are a number of ways to do this, but I have personally been using DenyHosts on my servers for awhile. As the name suggests, it adds IPs to hosts.deny when they hit certain limits on failed login attempts.

What I like the most is that it can optionally pull down an updated list of IPs that other DenyHosts installations reported as running an attack on them. So in theory you should be able to prevent many attacks before they even start.
 
Old 11-21-2009, 06:10 AM   #3
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Testing"
Posts: 6,112

Rep: Reputation: 416Reputation: 416Reputation: 416Reputation: 416Reputation: 416
This is discussed at length (with solutions) in the sticky thread on this page.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh: is there any issue with adding my personal public key to authorized_keys? Meson Linux - Security 6 10-07-2008 12:27 AM
My own personal home server Crash_guy Linux - General 3 02-12-2008 11:11 PM
personal news server? jon23d Linux - Software 1 06-26-2006 10:53 PM
Passwordless SSH with SSH commercial server and open ssh cereal83 Linux - General 7 04-18-2006 12:34 PM
SUSE personal as a server? scabies Linux - Distributions 2 09-22-2004 11:00 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration