Security

What not to do when you’ve installed sshdfilter

sshdfilter is a great tool which monitors system logs for repetitive failed login attempts and actively updates iptables to block offending ip addresses. However, there is a slight shortfall it its design as there are no exceptions to its blocking rules as I found this morning: Subject: sshdfilter event for 127.0.0.1, Too many password guesses, …

What not to do when you’ve installed sshdfilter Read More »

Using sshdfilter to secure an SSH server

Since moving my OpenSSH server down to its standard port number I have been hit daily by service scanning software and brute force password attacks. Gerry pointed out that sshdfilter can help. sshdfilter blocks the frequent brute force attacks on ssh daemons, it does this by directly reading the sshd logging output and generating iptables …

Using sshdfilter to secure an SSH server Read More »

Scroll to Top