sshd and dynamic firewall rules?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Is there the possibility to trigger an event from sshd to set dynamic
firewall rules?
For example to block a certain ip-adress after repeated login fails.
There are constantly dictionary attacks against my SSH-Server. (SuSE Linux



Re: sshd and dynamic firewall rules?

Quoted text here. Click to load it

Numerous tools do this, usually by looking at the logs for failed
logins. One is sshblack:

Another thing you can do is move SSH to a nonstandard port.  This
provides no security advantage but will reduce the noise in your logs
from the script kiddies.

Alan Hadsell

Site Timeline