How can I block IP address range with sshd_config

Don Dupy fedora at maxxrad.net
Tue Jul 27 21:19:55 UTC 2004


I had the same problem.
I deny any incoming connections from the offending IP pool on my firewall,
and that seems to work. I show the attempts on my firewall, but no logs on
my FC1 box.  ;-)

Don Dupy

FC1 - Kernel 2.4.22 - Dell Poweredge 600SC
http://www.maxxrad.net
email: fedora at maxxrad.net

On Tue, 27 Jul 2004, Alexander Dalloz wrote:

> On Tue, 27.07.2004 at 18:12, Michael Sullivan wrote:
>
> > The kiddies using their script file to try to hack into my systems
> > through sshd using accounts guest and test tried again yesterday.  This
>
> [ ... ]
>
> > the nonexistent guest and test accounts.  The IP addresses they try to
> > log in from vary slightly, but for the most part I think the first three
> > octets are the same.  I looked through the man page for sshd_config for
> > a way to block their IP, but I couldn't find it.  Does anyone here know
> > how to do this?
>
> Using public key authentication you can restrict the key. See "man sshd"
> for from="pattern-list". If you use password authentication you can't
> restrict it within the sshd_config itself. I suggest you use iptables
> reject rule(s) instead to block SSH (port 22) access for suspicious nets
> - yes, I get these "hack attempts" for nonexistent accounts guest and
> test too - or you allow port 22 connects only for specific nets at all
> and let the rest be rejected.
>
> Alexander
>
>
> --
> Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
> Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp
> Serendipity 18:17:00 up 1 day, 3:23, load average: 0.36, 0.89, 0.98
>
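
The iptables approach suggested in the quoted reply, as an added example that is not part of the thread: it groups failed logins for nonexistent accounts by /24 (the first three octets) and prints REJECT rules for port 22 for review. The log line format, the function names and the threshold of distinct addresses are assumptions, and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example: derive reviewable iptables REJECT rules from sshd failures.

# Constructed sample log lines (documentation address ranges, not real data).
sample_log() {
cat <<'EOF'
Jul 26 14:03:11 host sshd[2101]: Failed password for illegal user guest from 203.0.113.5 port 4321 ssh2
Jul 26 14:03:14 host sshd[2103]: Failed password for illegal user test from 203.0.113.5 port 4330 ssh2
Jul 26 14:09:40 host sshd[2110]: Failed password for invalid user guest from 203.0.113.77 port 1188 ssh2
Jul 26 14:11:02 host sshd[2114]: Failed password for invalid user test from 203.0.113.201 port 2290 ssh2
Jul 26 15:20:00 host sshd[2150]: Failed password for invalid user guest from 198.51.100.9 port 5000 ssh2
Jul 26 16:00:00 host sshd[2200]: Accepted publickey for michael from 192.0.2.10 port 6000 ssh2
EOF
}

# suspect_nets MIN: read sshd log lines on stdin and print every /24 from
# which at least MIN distinct addresses failed a login for an unknown user.
suspect_nets() {
    awk -v min="${1:-2}" '
        /: Failed password for (illegal|invalid) user / && NF >= 5 {
            # The user name is attacker-controlled, so take the address from
            # the fixed tail "from ADDR port N ssh2", not the first "from".
            if ($(NF-4) != "from" || $(NF-2) != "port") next
            ip = $(NF-3)
            if (split(ip, o, ".") != 4) next
            for (k = 1; k <= 4; k++)
                if (o[k] !~ /^[0-9]+$/ || o[k] + 0 > 255) next
            net = o[1] "." o[2] "." o[3] ".0/24"
            if (!seen[ip]++) hosts[net]++
        }
        END { for (n in hosts) if (hosts[n] >= min) print n }
    ' | sort
}

# emit_rules: print (never execute) one REJECT rule for port 22 per network.
emit_rules() {
    while read -r net; do
        printf 'iptables -A INPUT -p tcp --dport 22 -s %s -j REJECT\n' "$net"
    done
}

# Review the output before applying any of it on the firewall.
sample_log | suspect_nets 2 | emit_rules
```

Counting distinct addresses per /24 keeps a single host that retries many times from triggering a block of its whole network.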




