Automatic blacklist of IP-addresses.
Peter Stuge
stuge-openssh-unix-dev at cdy.org
Sun Dec 18 23:35:39 EST 2005
On Sat, Dec 17, 2005 at 09:57:17PM +0100, Nils Hammar wrote:
> One feature that I haven't seen in OpenSSH (It may be there) is an
> automatic blacklisting of IP addresses when a certain number of
> login attempts are reached from that IP address. It seems like it
> is popular these days to try brute force access on password
> cracking and automatic blacklisting may limit these attempts.
This has been suggested before, but rejected.
The recommended way to implement this is to monitor log output from
OpenSSH and make appropriate changes to the firewall settings.
OpenSSH is not a firewall.
//Peter
More information about the openssh-unix-dev
mailing list