I'm using ssh port knocking. Regards, --- Eduardo Silvestre nfsi telecom, lda. eduardo.silvestre@xxxxxxx Tel. (+351) 21 949 2300 - Fax (+351) 21 949 2301 http://www.nfsi.pt/ ----- Original Message ----- From: "Andreas Rehmer" <rehmer@xxxxxxxxxxx> To: "CentOS mailing list" <centos@xxxxxxxxxx> Sent: Sexta-feira, 24 de Julho de 2009 12H04m GMT +00:00 GMT Britain, Ireland, Portugal Subject: Re: SSH attacks from china Hi i am using the following way to dissallow ssh connects without having the Problem of specific IPs or something else. Before you get access to the machine you must visit a webpage protected by httpauth. This start a small script that put the Remote Adress into a list. Only if your ip is on the list and not older than 5 min. you gain access via ssh. For this i used only iptables the Skript and apache. The only Problem is when the httpd hangs on. If you want more Information write me. Reg. Rehmer rehmer@xxxxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos