[sclug] SSHD
Martin Summers
Martin.Summers at ansys.com
Tue Jan 30 11:43:24 UTC 2007
Hello David,
I know this may sound daft, but one of my favourite methods is to use
ident service, and then deny it on a firewall outbound from the ssh
server, so that there is often a significant delay before it comes back
with prompting for a password. Preventing reverse dns queries also helps
this, but is more difficult to configure (unless you just configure a
non-existing DNS server in your resolv.conf)
There are tools that can manage this as well.....
I expect that this method will be shot down in flames by fellow
SCLUG'gers as it's a bit unorthodox !
-Martin
-----Original Message-----
From: sclug-bounces at sclug.org.uk [mailto:sclug-bounces at sclug.org.uk] On
Behalf Of David Newcomb
Sent: Tuesday, January 30, 2007 11:28 AM
To: sclug at sclug.org.uk
Subject: [sclug] SSHD
Hi All,
I am getting a lot of brute force attacks on one of my linux internet
servers. Is there a way I can make the client wait 60 seconds before
allowing them to try and login again?
Anything like this available?
Regards,
David
---------------------------------------
Managing Director
+44 (0) 7866 262 398
BigSoft Limited
Reading, UK
http://www.bigsoft.co.uk/
Registered in Cardiff, Wales 3960621
More information about the Sclug
mailing list