something like ip2country for sshd?

Hi Folks,

since the middle of december my sshd is daily hit by malicious clients! I think those are brute force attacks or at least somehow automated password tryouts (masses of 'sshd .. Failed password for root from ...' in /var/log/auth.log).

The interesting thing is, they all come from foreign counties: usa, china and korea!
So i'm wondering if there is some way to tell sshd to let only clients from my country (germany), or maybe europe connect?

Has anyone done that or something similar like that before?

thanks in advance,
Michael

 

 

 

 

Top