This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Blocking certain IP's from ssh access

Hi board,

I need to have the network for accessing the ssh-access set to ANY.
Nevertheless, no some script kiddys are brute forcing my ssh port like hell.
Is there a way of telling ssh to block the source ip for a certain amount of time if having 3 failed logins? Like doing that on the webaccess page.

Or is there a way of making a rule in the ssh access frame for NOT-Host x.x.x.x?

Thanks a lot for you replys.
Cheers
Marcus

This thread was automatically locked due to age.

0 BrucekConvergent over 17 years ago

Why do you have it set to ANY? We never setup a customer's system in this manner. If you have it set that way to allow a roving user to login, have them use the VPN to connect in first.
Cancel
Vote Up 0 Vote Down

Cancel
0 bitonw over 17 years ago in reply to BrucekConvergent

create a rule that only allows inbound ssh traffic from the ip numbers you use to maintain the box. (your own public ip) if need more create a group for it.
Cancel
Vote Up 0 Vote Down

Cancel