...
Implement Deny Hosts
Anchor | ||||
---|---|---|---|---|
|
DenyHosts is a script intended to be run by Linux system administrators to help prevent SSH server attacks (also known as dictionary based attacks and brute force attacks) - http://denyhosts.sourceforge.net/
Configuration example: set /etc/hosts for specific restrictions. in this example, allowing *.utexas.edu domain hosts, and restricting everything else.
/etc/hosts./allow
ALL: .utexas.edu
and /etc/hosts.deny
ALL:PARANOID
/etc/hosts.allow is checked 1st, then /etc/hosts.deny.
Particular services can also be allowed to only particular machines, e.g:
/etc/hosts.allow
sshd:hostname (allowed name of machine or IP address)
and /etc/hosts.deny
sshd:ALL
Limit SSH Access to Campus Network
Anchor | ||||
---|---|---|---|---|
|
...