More SSH scanning countermeasures

This is to users to ssh to gigo.com.

Last year, I enabled countermeasures to help keep the SSH hack attempts against gigo.com down to a minimum. We automatically block the IP address of systems trying to log in to gigo.com and repeatedly failing.

The problems are getting worse; as such I’m making these changes: * Attempts to log in as a valid ID: unchanged; 10 attempts and you’re banned 15 minutes * Unknown accounts and daemon accounts: immediately blocked for 150 minutes If you log in from another account with a different account name, make sure that you always remember to specify your gigo.com account name (correctly!) or the machine you are connecting from will be blocked for everything but the web server, for 150 minutes. If this regularly affects you, I *can* whitelist specific IP addresses to be immune to this behavior.

[permalink] · Announcements ·