April 22, 2006
I recently wrote that I spent some time working on a countermeasure for SSH-dictionary attacks. Well, Bansshee has been in service on my server now for over a week and it's nice to see it working without skipping a beat.
Now instead of getting a notification that a pair of script kiddies tried to brute force their way into my server a few thousands times I get a daily report that looks something like this:
Failed password attempts: 58 time(s).
Illegal user attempts: 10 time(s).
IPs added to blocklist: yoreparo.com [220.127.116.11] : 1 time(s). 18.104.22.168 : 1 time(s).
I am still putting together a downloadable package, hope to post it soon to http://www.wincent.com/a/products/bansshee/.
Bansshee has been publicly released.
More Net articles
Posted by wincent at April 22, 2006 1:55 PM