Prevent brute force attacks using SSHBlack

SSHBlack is a very useful script which monitors the system logs for repeated failed logins and then blocks the source IP.  This can pretty much negate basic brute force attacks.  There are plenty of similar other applications such as BruteLock, but I think SSHBlack works well.  The following is a very handy article which shows how to run it as a service:

http://wiki.oss-watch.ac.uk/InstallingSshblack

Remember to add your IP’s/network to the whitelist and modify the paths to any logfiles as needed.

You can leave a response, or trackback from your own site.

Leave a Reply