[PLUG] Re: denyhosts for illegal ssh login attempts
keith morse
kgmorse at mpcu.com
Tue May 17 00:14:54 UTC 2005
Rich Burroughs wrote:
> On Mon, May 16, 2005 10:07 am, Rich Shepard said:
>
>> I have a very large postfix UCE table called badip. I suspect that sshd
>> cracking attempts would drop to zero if hosts.deny could be linked to include
>> badip. Could this be done? It would coordinate sshd and spam-mail rejections
>> and keep hosts.deny reasonably short.
>
>
> It would be possible. To do that your sshd would have to be configured to
> use the TCP Wrappers. That would mean starting it up through inetd, or
> making sure it is linked against the libwrap.a library (./configure
> --with-libwrap). The second option would be better IMHO. There is some
> overhead each time sshd starts up, so most people run it standalone.
>
It's been my observation that most of the current distributions contain
ssh/sshd already compiled with tcp_wrappers support.
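
Added example, not part of the original thread: one way to turn a Postfix access(5)-style table such as the badip table mentioned above into hosts.deny entries for sshd, plus a check that sshd is dynamically linked against libwrap. The input format, the sample entries and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Assumed input format (Postfix access(5) text source), one entry per line:
#     <IPv4 address or leading-octet prefix> <action> [optional text]

badip_to_hosts_deny() {
    # $1 = path to the badip source file (default: stdin); output on stdout.
    # Only REJECT and 5xx actions are denied. OK/DUNNO entries, comments,
    # continuation lines and non-IPv4 patterns are skipped.
    awk '
        NF == 0 || /^[ \t#]/ { next }   # blank, continuation or comment line
        {
            pat = $1; act = toupper($2)
            if (act != "REJECT" && act !~ /^5[0-9][0-9]$/) next
            n = split(pat, oct, ".")
            if (n < 1 || n > 4) next
            for (i = 1; i <= n; i++)
                if (oct[i] !~ /^[0-9]+$/ || (oct[i] + 0) > 255) next
            # Postfix writes a network as "192.0.2"; hosts_access(5) needs
            # a trailing dot ("192.0.2.") to match on leading octets.
            if (n < 4) pat = pat "."
            if (!seen[pat]++) print "sshd: " pat
        }
    ' "${1:--}"
}

sshd_links_libwrap() {
    # $1 = path to the sshd binary. Succeeds if libwrap shows up as a shared
    # library; a statically linked libwrap.a will not be detected this way.
    ldd "$1" 2>/dev/null | grep -q libwrap
}

sample_badip() {
    # Constructed sample entries (documentation address ranges), not real data.
    cat <<'EOF'
# constructed sample
192.0.2.15      REJECT
198.51.100      REJECT spam source
203.0.113.7     OK
203.0.113.9     550 go away
192.0.2.15      REJECT
example.invalid REJECT
EOF
}

sample_badip | badip_to_hosts_deny
```

The generated lines only take effect if sshd consults TCP Wrappers, which is what `sshd_links_libwrap /path/to/sshd` checks for the dynamically linked case.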