Saturday, November 28, 2009
New Version of Timelox for Openssh 5.3p1
I've put up a new version of Timelox for use with Openssh 5.3p1. Timelox is a patch for sshd that shuts down brute force attempts to break into machines via ssh. Timelox is different than most other methods in that it detects failed logins from a given ip number, rather than attempts against a userid. So if, as we've seen, attackers use a script that attempts to login with multiple userids, timelox will detect that and call a script to lock out that ip in the firewall.
The latest version includes an installer script for OSX. For more information see the main timelox page at https://wwwx.cs.unc.edu/~hays/dev/timelox_and_TheHand