Re: sshd: Authentication Failures: 137 Time(s)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

rrichard@xxxxxxxxxx wrote:
> Indeed! I run
> Fail2Ban not only against SSH, but against SMTP/AUTH and IMAPS/POP3S (the
> only client mail protocols we support). It's amazing how many dictionary
> attacks take place against SMTP by persistent spamers! Besides the effect
> against dictionary attacks, it makes the morning reading of the secure log
> a pleasant experience. :-)

My SMTP server has Reverse DNS check active, so any SMTP request from IP 
  that does not have Reverse DNS record is automatically forbidden. Even 
SMTP servers tht are not properly configured  (like one Bank server in 
my country that sends mails from some obscure IP without DNS record even 
thou I know they are legit) are denied.

fail2ban had some wrong with it, from the standpoint of my CentOS 5.x 
server (can't remember what I disliked), wheather it was rpm 
availability or something else, so I chose denyhosts. There was whole 
week recently without a single ssh attack on my 3 PC's (2 servers).

Ljubomir
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux