Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: croppa on August 12, 2006, 01:15:23 PM

Title: sshfilter
Post by: croppa on August 12, 2006, 01:15:23 PM

Has anyone installed sshfilter on sme server 7
Stuart

Title: sshfilter
Post by: egerards on August 12, 2006, 11:13:04 PM

I guess you mean the ssh filter which can be found here (http://www.csc.liv.ac.uk/~greg/sshdfilter/)?

Personally I haven't installed this or any other ssh brute force attack blocker (although I am charmed by the concept of many of them).

Currently I think it suffices to disallow username / password logins and stick to ssh key pairs.  However if frequent ssh attacks put too much strain on your bandwidth, I can imagine that you want to look for something that takes care of this at the firewall level.

If the latter is not the case I would really suggest to start using ssh key pairs. No valid key combination --> no login allowed whatsoever...

Title: re sshdfilter
Post by: croppa on August 13, 2006, 01:08:29 AM

Thank you for your reply egerards. That is exactly the one which I was thinking about. I do block ssh with passwords an use matched keys however the logs do fill up. Also stopping as much of this traffic on the net as possiable would be a good thing.
Stuart :pint: