ufw should keep the rule permanent.
There's a program/service that will keep track of this for you
automatically (and do the limit brute force, and block multiple failed
attempts) called sshguard. If you use that, you can see how many unique
IPs attempted to break into your system by reading your /etc/hosts.deny
file.
For my public-facing servers, I get about 13 unique new attackers per day.
On Wed, Feb 4, 2015 at 2:32 PM, Michael Havens <
bmike1@gmail.com> wrote:
> I was wondering.... I was playing bandit and on level 13 they say some
> suggested reading is https://help.ubuntu.com/community/SSH/OpenSSH/Keys .
> I was reasing that page and followed a link to
> https://help.ubuntu.com/community/SSH/OpenSSH/Configuring#Logging because
> I always wondered how I could see how many log in attempts were made to my
> computer (not that I think anyone will crack my password which is greater
> than ten characters. Wait a second.... I do not think I ever set an ssh
> password. ...
> guys, my websearch has proven to be fruitless. what do you suggest I do?
>
> in any case, I was looking at the settings for openssh.config (or whatever
> the file is called) and happened upon:
>
> Rate-limit the connections
>
> which happens to use ufw:
>
> sudo ufw limit ssh
>
> I was wondering if that command would turn it on permanently? After I
> entered the command it responded with something like 'new rule added' so I
> am assuming (I am not an ass!) that is so.
>
> I was wondering what should be changed?
> I am making loglevel Verbose
> :-)~MIKE~(-:
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
--
Todd Millecam
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss