[Techtalk] 216 ssh login attempts, what to do?
Devdas Bhagat
devdas at dvb.homelinux.org
Thu Oct 14 02:56:01 EST 2004
On 13/10/04 16:36 +0100, David Sumbler wrote:
<snip>
> But the OP's idea of blocking any log-in attempts from an IP with,
> say, three failed attempts in a short space of time seems an excellent
> one, yet nobody has addressed this.
And a way to autounblock those. Maybe a modification of a
POP-before-SMTP script would help? Know Perl?
> Is it really not possible to do what she suggested? (And if it isn't,
> then it should be!)
It is. However, most serious professionals considers autoblocking as
bad, because it enables someone to DoS you. Admittedly, this is much
harder to do with TCP than with UDP, but the general assumption is not
to trust the upstream equipment.
> I am the only person who legitimately would want to log into my
> machine. As I haven't yet mastered the ability of being in more than
> one place at a time, something like this would be excellent for me.
If you only log in from a few systems, you might want to use keys
instead.
Devdas Bhagat
More information about the Techtalk
mailing list