Re: intrusion?



"Paweł B." <botul1979@xxxxx> wrote:

gtu2003@xxxxxxxx pisze:

Thank you very much. Someone know a simple script that do the follow:
* watch in the logs
* if there is a lot of invalid access from an Ip it block only this ip for an hour

You can try fail2ban.

Good way to improve security is move ssh to high port, and drop
request on port 22.

That doesn't improve security that much but at least keeps the
dumb script kiddies out and avoids cluttering your log files.

To improve security disable password authentication if that's possible
in your environment.


Florian
--
<http://www.florian-diesch.de/>
-----------------------------------------------------------------------
** Hi! I'm a signature virus! Copy me into your signature, please! **
-----------------------------------------------------------------------
.