This topic has been archived. It cannot be replied.
-
工作学习 / 专业技术讨论 / Linux 的port 22/SSH把router的 port 22打开了几天,没想到发生了多次攻击尝试。
从ip看,攻击者来自South Korean, Jilin/China,HongKong,都是企图hack password.
有的连续进行了1400+的尝试。乖乖!
请问各位大侠,Linux/SSH上如何设定 max authentication.
如果来自同一个ip 的authentication failure超过一个值,如何deny这个ip?
sshd_config里找不到类似的设置。
多谢!
-j9988(Jim);
2006-5-26
{342}
(#2992181@0)
-
use non-wellknown port, for example 54321 instead of 22. I use 80, haha.
-647i(步行万里);
2006-5-26
(#2993455@0)
-
good point! 是不是说:SSH自己无法识别并deny这种hack password的尝试?
-j9988(Jim);
2006-5-26
(#2994246@0)
-
there is plug-in program to do this kind of thing. I forget the name. I am lazy. BTW, use long password to protect ur self. Actually, I leave the 22 port open, a lot people try to log in, but no luck.
-647i(步行万里);
2006-5-26
(#2994283@0)
-
setup a firewall using iptables. check http://www.debian-administration.org/articles/187
-tu1990(Le);
2006-5-29
(#2998398@0)