[OpenIndiana-discuss] denyhosts IPS package?

Gregory Youngblood gregory at youngblood.me
Wed Jan 15 14:49:53 UTC 2014


Do you require password authentication or can you require only key access?

Disabling password authentication prevents the dictionary and other brute force password attempts.

You might also consider setting up a couple of jump boxes and then use ipfilter or external firewall to only allow ssh traffic from those jump boxes. If you go this route remember to use proxycommand to relay the connection and not to store any keys on the jump box. 

Greg




Sent from my HTC One on the Verizon Wireless 4G LTE network

----- Reply message -----
From: "Stefan Müller-Wilken" <stefan.mueller-wilken at acando.de>
To: "openindiana-discuss at openindiana.org" <openindiana-discuss at openindiana.org>
Subject: [OpenIndiana-discuss] denyhosts IPS package?
Date: Wed, Jan 15, 2014 5:54 AM

Hi there,

is there a denyhosts package available? I'd like to more effectively ban dictionary attackers from my systems and looking at https://www.illumos.org/issues/228#note-8 a package was at least in discussion.

@Ken: can you comment on this?

Cheers
Stefan.

________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss


More information about the OpenIndiana-discuss mailing list