Protecting against SSH attacks

On some servers you are obliged not to run a firewall nor use VPN. As a result your sshd will be the direct attack target for many amateurs and professionals alike.

To protect against ssh attacks, I run the following script in crontab:

#! /bin/bash
#
# A script to automatically counter ssh attacks
#
#
# vars
RETVAL=0
secure='/var/log/secure'
file='/tmp/counter-ssh'
deny='/etc/hosts.deny'
#
# logic
#
# get unique attacking IPs
grep "Did not" $secure | awk '{print $12}' | uniq -u > $file
#
# if IP is in /etc/hosts.deny do nothing, if IP is NOT in /etc/hosts.deny, add it there!
for ip in $(cat $file); do grep --silent $ip $deny; if [ $? -ne 0 ]; then echo "sshd:$ip" >> $deny; fi; done
#
# exit as learnt
RETVAL=$?
echo "we have exited $RETVAL"; exit $RETVAL

Sometimes you may encounter a line in /etc/hosts.deny like:
sshd:UNKNOWN

It may be blocking you!
Be aware, I have warned you beforehand.

Comments

Post a Comment

Popular posts from this blog

لعل الله يهدينا أو يهدي بنا

من أجمل المبادئ التي أنا مؤمنة ً بها في الحياة  لا حيلة في الرزق، ولاشفاعة في الموت، ولا راحة في الدنيا، ولا سلامة من كلام الناس ارض بما قسم الله لك، تكن أغنى الناس لا ضرر ولا ضرار حسنـًا، الناس في حياتك، المال، الزواج، البنون، الصحة، الطعام والشراب، الجمال، وكثير مما لا يحضُر ذهني إنما هو من الأرزاق، وقد يقضي المرء طوال حياته يكابد أشخاص تسبب له المشاكل، أو فقيرا،  أو وحيدا، أو دون ذرية، أو مريضًا، أو لا يرى نفسه جميلا. فالرزق من عند الله، وقد تبقى بعض الأرزاق على حالها أو يبدلها الله، فلا حيلة لنا في ضيق أو وسع الرزق، لكننا للأسف نتبنى ثقافة تقييم أنفسنا والآخرين بناء على ما لا حيلة لنا فيه، ونقع فريسة لفخ هذا التقييم فنبني عليه بالتالي تصرفاتنا.  هل ضيق أو وسع أي من الأرزاق رضا أم غضب أم بلاء من الله؟  الله أعلم، ولكن ما أنا على يقين منه هو أنه إن وسع رزقي أو ضاق فهو من عند الله والرضا به أو الصبر عليه هو رحمة من الله، أما محاولة تغييره فهي عبث. وتأتي بقية المُسَلمَات في المبدأ الأول واضحة وصريحة، فالموت حق على كل نفس، والكافر وال...
Read more

Tethering Nokia E51 to CentOS 5.5 on HP 6730s

According to Wikipedia, tethering is a method to share the Internet connection of an Internet-capable mobile phone. This sharing can be via cable, or wirelessly over Bluetooth or Wi-Fi — if Wi-Fi, the tethering feature is often branded as a mobile hotspot and can typically service several devices. As a result of a sometimes slow ADSL connection, I decided to have my own mobile hotspot as a backup. Indeed, mobinil offers a relatively acceptable plan of 110 MB / month for 20 EGP. Exceed your quota during the 30 day limit, and the speed drops AFAIK from 1.2 mbps to 64 kbps. After all, for me this is a good backup plan to accomplish quick logins and short browsing. So, I went straight to Ovi store and downloaded Joikuspot Light edition 3.1. To have free apps downloaded to your PC, just click the app, then click `send to a friend` button. The address bar changes to something like `http://store.ovi.com/content/12345/send-to-friend`. Simply replace the in the address bar from `send-to-...
Read more

Inamorata

Honestly, I have never reviewed a book before finishing it, but this time there is something inside me pushing me to review the book even when I am just at chapter 13 out of 41. Talent when combined with smart and hard work along with love for what one is doing usually produces a masterpiece, something the majority approves of and likes. On Wattpad, you can find Inamorata ; an amazing story by Irish Rose. A story about humanity, morals, feelings, thoughts, and love. Unlike the trend of writing about a love story, Irish Rose wrote about a human in love with everything. You the reader, I bet, can't help except to fall in love with her. The courage that Irish Rose had to write such that she makes you sometimes despise the heroine and at some other times be happy for her is really overwhelmingly beautiful. I can not imagine how hard it was for Irish Rose to write this down, but I believe the book heavily draws from real-world experiences and carefully crafts contradictions. At...
Read more