Secured SSH by checking failed logins - Doomshammer's Weblog

< Security hole in S9Y | Alarm system can be very loud... >

Secured SSH by checking failed logins

Posted by Doomshammer on Saturday, July 2. 2005 at 15:11 in Arbeit, English only, Linux/Unix

I hate these script kiddies who try to brute-force my servers via ssh.
So I setup a little script which checks the log file for failed login tries. If it sees more than $x failed logins from the same IP it blocks the IP for $time.

Also I get a little mail like this:

QUOTE:

From: myserver@neessen.net
To: who.cares@neessen.net
Subject: 4 Fehlerhafte Loginversuche - IP geblockt
Date: Sat, 2 Jul 2005 15:11:01 +0200

Der Host: xxx-xxx-xxx-xxx-xx.xxx.de
wurde auf Grund zu vieler fehlerhafter Anmeldeversuche vom System geblockt.

Funny shit, huh?

View as PDF: This entry | This month | Full blog

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

You're damn right! They just churn out useless traffic and decelerate the net. I think we should treat them like spammers - send them very slow and painful to hell!!!11

By the way: It would be great, if you could publish your shellscripts on a seperate website. This should be very useful for hobby-administrators like me

#1 xenobyte (Homepage) on 2005-07-04 11:01 (Reply)

If I'll find some time for it, I'll publish my whole/holy shit somewhere

#1.1 Doomshammer (Homepage) on 2005-07-04 12:56 (Reply)

Richte einfach nen anonymous ftp zugang ein :>

#1.1.1 Thilo (Homepage) on 2005-07-04 20:26 (Reply)

Add Comment

Name
Email
Homepage
In reply to
Comment	Enclosing asterisks marks text as bold (word), underscore are made via _word_. Standard emoticons like :-) and ;-) are converted to images. BBCode format allowed You can use [geshi lang=lang_name [,ln={y\|n}]][/geshi] tags to embed source code snippets. Pavatar/Gravatar/Favatar/MyBlogLog/Pavatar author images supported.
	Remember Information?

View as PDF: This entry | This month | Full blog

Calendar

Quicksearch

Not for Sale!

This blog is not for sale!

Latest twitter

Blog abonnieren

Latest Photos

Sun | Set

Chic | ken!

Friend | Ship

Last google searches

solaris lsof
knopfler romeo and juliet chords
cmus lastfm
zfs compression
lsof solaris

Getaggte Artikel

*grrrr* *lol* *ouch* *sigh* 5dmkii 5d mk ii ad adobe advertisement ajax akismet amazon anniversary api apple application aprils fool bass bbq big brother blackberry blog blogroll blues bobby kimball bsd bugfixes button canon cellphone censorship cgi checkpoint chords christmas cologne comment spam computer concert cover crux D'Oh! database debian desktop dittsche dns doomy's filmtipp dumb dvd ebay encryption enlightenment eos feed feed me filesystem firefox firewall firewall-1 flickr foobar food fotografie friends ftgrf fun funtwo gastronomy tip geolocation google google maps gpg guitar hamburg hannover hardware ibanez internet ipernity iphone ipod ipod touch job john miles keyboard kommentarspam laptop lens lightroom links linux lol loriot mac macbook macos mac os x macro mail math miller anderson mobile mod_security movie music mysql news newsbeuter noos openbsd opensolaris openssh openvpn ordr party perl peter huth pgp phone photo photoblog photography photos piano pixelpost pixlr postgresql pr0n privacy private programming raid rants raw real-life rock rock 'n roll rock legends adventure rss s9y san francisco script scripting security shell sicherheitsgott signature sipgate snow soccer software solaris solaris 10 solaris express song sound spam sparc sql ssh ssl stick stupid summer sun support t-mobile t-shirt talent management telephone test the urge thoughts train training tv unix update upgrade video vimeo vmware voip vpn vpn-1 weather web 2.0 Webmuell der Woche website weihnachten windows winni wlan women work x.org xmas youtube zfs

Buttons

BLOGROLL