[Firehol-support] sshlack

Carlos Rodrigues cefrodrigues at gmail.com
Mon Aug 25 21:46:58 BST 2008


On Sat, Aug 23, 2008 at 10:30 AM, shi ryu <shiryu38 at gmail.com> wrote:
> Hi Folks,
>
> Yet another question...my mind is actually shared between fail2ban and
> sshblack to perform the blacklisting work.
> My server is basically a web server, so I may also face non SSH attacks.
>
> Any advice ?

For simple SSH probe protection, I found that using the netfilter
"ipt_recent" module is a good and efficient solution. FireHol supports
it directly with the "with recent" keyword.

Regards,

-- 
Carlos Rodrigues




More information about the Firehol-support mailing list