Displaying 1 result from an estimated 1 matches for "blacklist_iser".
2008 Jun 12
2
Request for added functionality - tracking and blocking attacks
...an go on for hours.
It would be very nice if sshd provided the following functions to help
deter these attacks. Here is my proposal.
1. sshd at reload or start loads a list of black listed account names.
In the sshd_config file one or more lines like this would be placed:
BLACKLIST_USER mysql
BLACKLIST_ISER root
BLACKLIST_USER cups
etc.
2. sshd also loads a small number of whitelisted IP addresses, which
are allowed to use the BLACKLIST user names:
WHITELIST_IP abc.def.ghi.jkl
WHITELIST_IP bca.fed.hig.klj/24
etc.
3. If a login attempt is made on a blacklisted account, but not from
a whitelisted IP...