On Wed, Feb 16, 2005 at 11:16:11AM -0500, Trevor Curtis wrote: > On Wed, 2005-02-16 at 09:48, Stephen Gregory wrote: > > There was a recent discussion about blocking or atleast reduceing ssh > > brute force attempts. There is a "recent" module for netfiler/iptables > > that will help. > > > > http://blog.andrew.net.au/2005/02/16#ipt_recent_and_ssh_attacks > > > > http://snowman.net/projects/ipt_recent/ > > I've been seeing some of these for a while now. Is it a big deal? Most > of the attempts I've seen have been using root in their attacks, and I > don't permit root to login. I get a whole array of different users. I don't think its a particular issue unless you have weak passwords. I also have the "logwatch" package installed which gives me a good synopsis of failed ssh logins, among other info. mh -- Martin Hicks || mort [ at ] bork [ dot ] org || PGP/GnuPG: 0x4C7F2BEE