[LUAU] Handling Brute Force Attacks
Vince Hoang
vince at litrium.com
Thu Jul 28 23:29:14 PDT 2005
On Wed, Jul 27, 2005 at 08:29:16AM -1000, R. Scott Belford wrote:
> How are others handling this? Do you block the IP address? If
> so, does it help, or are you still found by yet another zombie?
> Any suggestions or insight are welcome.
The reactive projects popping up in response to this are great
technical exercises but are simply bandaids because you lock down
access _after_ you detect a problem.
If you just want to stop the zombies and not targetted attacks,
simply move your ssh port. This is probably the easiest approach.
To really be safe, move to a default deny stance and only allow
[semi-]trusted networks to ssh into your server.
-Vince
More information about the LUAU
mailing list