SSH brute force blocker

terminal

Part of the historical inheritance in IT is, that old systems never want to die.

There is an FTP server running under RedHat 3.6 (which is from 2006, I think). And since FTP should be reachable from the Internet, quite often some kids are trying to run brute-force attacks against the SSH port to see if they manage to get in.

While the slightly more update Operating systems now have more advanced possibilities available to implement those rather quite simple tasks, the good old fashion version 3 now.

Before going through the hassle of trying to update Python, the system or anything else I found a bash script on seclist.org.

After pimping it with a bit of documentation and the suggested changes from the follow-up posts, I ended up with a working script that locks out all the attacking hosts, why ignoring the hosts coming from private ranges at the same time.

The script is in the Github-repository.