[mythtv-users] Semi-OT: Blocking Brute Force SSH attacks
James Armstrong
james at thearmstrongs.org
Fri Oct 19 17:55:46 UTC 2007
I had the same problem. I ended up moving the ssh port and installing a
script that looks for unsuccessful logins and blocks the ip address for
one hour. I also have the bashrc modified to page me immediately with
the login name and ip address no matter who logs in. Before I moved the
port and out the ban script in I actually got paged and immediately went
to the console and killed the computer. Definitely look at the passwd
file and set all users that don't need bash access to /bin/false or
nologin. I just have myself that can login and at work deny ssh root
login so I am forced to login as me, then su to root.
- James
More information about the mythtv-users
mailing list