IPTABLES question
Alexander Dalloz
ad+lists at uni-x.org
Tue Jul 18 20:58:01 UTC 2006
Guillermo Garron schrieb:
> denyhosts
> will do the job for you!
>
> :)
> regards,
> Guillermo.
>
Guillermo,
though using gmail with a default, please learn to not top-post and
especially to avoid unnecessary quoting.
denyhosts does not use iptables, but tcp-wrappers.
If it is just about SSH login attempts by script kids I can say from
long experience that changing the SSHD port to something non default (so
far) keeps them at the gates, means no special blocking setup is
required. Though it can be a good decision to use pam_abl to cover other
cases and protect all services using PAM (as Nicolas already mentioned).
Alexander
More information about the fedora-list
mailing list