Installing SSHblock
This morning, i tried to set up SSHblock which can be used to block users who are abusing the SSH protocol and tried to brute force and gained access to the server.
It's really simple to configure SSHblock since the installation script has done it for you and all you have to do is read the instructions and or warning that came out and fix that and re-run the script again. Even though the script couldn't find the path used in Slackware, but it seems that it will finally place the rc scripts to /etc/rc.d/, which is the correct place in Slackware. That's awesome.
Since it's a PERL scripts, it requires other CPAN modules. SSHblock originally only requires SWATCH to be installed, but SWATCH itself requires 3 modules to be installed:
You can start the SSHblock service by adding execute permission on /etc/rc.d/rc.sshblock and then start it using /etc/rc.d/rc.sshblock start
If you wish to see the list of IP blocked, you can use /etc/rc.d/rc/sshblock list and if you wish to clear all the blocked IPs, use /etc/rc.d/rc.sshblock clear
It's really simple to configure SSHblock since the installation script has done it for you and all you have to do is read the instructions and or warning that came out and fix that and re-run the script again. Even though the script couldn't find the path used in Slackware, but it seems that it will finally place the rc scripts to /etc/rc.d/, which is the correct place in Slackware. That's awesome.
Since it's a PERL scripts, it requires other CPAN modules. SSHblock originally only requires SWATCH to be installed, but SWATCH itself requires 3 modules to be installed:
- Date::Calc
- Date::Manip
- File::Tail
You can start the SSHblock service by adding execute permission on /etc/rc.d/rc.sshblock and then start it using /etc/rc.d/rc.sshblock start
If you wish to see the list of IP blocked, you can use /etc/rc.d/rc/sshblock list and if you wish to clear all the blocked IPs, use /etc/rc.d/rc.sshblock clear