Re: [fw-wiz] SSH brute force list



I used something call DenyHosts, it is very nice.
http://denyhosts.sourceforge.net/index.html


2006/11/27, J. Oquendo <sil@xxxxxxxxxxxxxxx>:

Unsure if this will make it through to the list but I feel it is
relevant. I wrote a program called Sharpener which is an SSH brute force
blocking tool. However, this tool also reports back the offenders'
addresses and I have begun posting the information on them as well as
sending out messages (whenever possible) to the admins of these domains.
Think of it as an RBL for SSH attackers. The goal is to identify these
machines in order for others to implement safeguards against these
hosts. Feel free to comment/complain.


http://www.infiltrated.net/sharpener (tool)
http://www.infiltrated.net/bruteforcers

--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net

The happiness of society is the end of government.
John Adams



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards




_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Relevant Pages

  • [opensuse] tcpwrappers /etc/hosts.deny rules
    ... In an attempt minimize ssh brute force attacks, ... Now I want to take denyhosts out of daemon mode, and only be executed upon ssh connection attempts. ... ...which seems to support the aforementioned configuration options. ... sshd: /etc/sshd.deny ...
    (SuSE)
  • [opensuse] SSH Brute Force attacks
    ... Has anyone recently noticed an increase in the quantitity of SSH brute force attacks? ... my DenyHosts has been going totally nuts.. ...
    (SuSE)