Salut, Thomas,
On Wed, 15 Oct 2008 20:42:37 +0200, Thomas Feddersen wrote:
> in my /var/log/authlog I can see many hackers attempting to get
> access to my system by trying arbitrary usernames. First of all I
> have disabled password authentication so valid users can ony login
> with a key. Still I'd like to lock the respective hosts out, from
> where these attacks originate.
I have adapted the following technique:
1. enable uniquely SSH key authentication or alternatively force all
users to have sane passwords.
2. Impose connection rate limits.
3. If an attacker is so annoying that he eats a lot of bandwidth (some
do), block him. Otherwise, laugh at him.
I really don't see the need to do much more than that.
Tonnerre
Attachment:
signature.asc
Description: PGP signature