After my recent break in I have looked into ways of protecting SSH and my server resources. I employ fail2ban on my main server, it has the resources to run such a programme – my Linksys NSLU2′s however do not. The solution is to use iptables to limit the number of connections any host can make in a given time frame. I wrote up a quick how to on this over at my wiki. Enjoy.
Disclaimer
All content on this site are my own thoughts and opinions not those of my employer or projects I contribute to.
Archives
- Months
- December 2008 (3)
- November 2008 (5)
- October 2008 (2)
- September 2008 (1)
- August 2008 (1)
- July 2008 (5)
- June 2008 (5)
- May 2008 (3)
- April 2008 (5)
- March 2008 (3)
- February 2008 (2)
- January 2008 (4)
- Years
- Months
Another possible solution is use iptables to count new connection.
You can see an exemple of iptables comand here:
http://www.logocomune.eu/blog/2008/06/nslu2debian-brute-force-attach-ssh.php