View Single Post
  #8   (View Single Post)  
Old 21st June 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,817
Default

That parameter does stop the initial session, carpetsmoker. Big deal... the script kiddies just reestablish another TCP session and continue, no time really lost.

Modern ssh attack scripts attempt to brute force password authentication anyway, even if you have it disabled in sshd_config. So I also use PF to block scripted attacks and log the blocked IPs in a database. If you're blocked at my servers, I can give you a reason and a date/time of the misbehavior.
Reply With Quote