[sclug] SSHD

Martin Summers Martin.Summers at ansys.com
Tue Jan 30 11:44:55 UTC 2007


Pieter's method is a lot better than the one I just suggested!!

-Martin

-----Original Message-----
From: sclug-bounces at sclug.org.uk [mailto:sclug-bounces at sclug.org.uk] On
Behalf Of pieter claassen
Sent: Tuesday, January 30, 2007 11:37 AM
To: David Newcomb
Cc: sclug at sclug.org.uk
Subject: Re: [sclug] SSHD

This might be what you are looking for (initially I thought that
login.defs might help but it looks like pam ignores it like a stop sign).

Cheers,
Pieter

PAM delay module
Synopsis
Module Name:
        pam_delay.so
Author:
        Peter Benie <pjb1008 at cam.ac.uk>
Maintainer:
        Author.
Management groups provided:
        authentication
Cryptographically sensitive:
Security rating:
Clean code base:
        Compiles cleanly.
System dependencies:
Network aware:
Overview of module
The purpose of this module is to set the delay on authentication failure to
slow down brute-force attacks.
Authentication component
Recognised arguments:
        time;
Description:
        This module performs no authentication task; its sole purpose is
        to set the pam_fail_delay. The time is specified in seconds
        unless units are given. Units may be us (microseconds), ms
        (milliseconds), s (seconds) or m (minutes). If more than one
        argument is given, the delay set is the sum of all the specified
        delays. 
        
        This module should be placed in the list of authentication
        modules before any modules that check passwords.
        
Examples/suggested usage:
         auth       required     /lib/security/pam_delay.so 1s 500ms
         auth       required     /lib/security/pam_securetty.so
         auth       required     /lib/security/pam_pwdb.so shadow nullok
         auth       required     /lib/security/pam_nologin.so
        
        

On Tue, 2007-01-30 at 11:27 +0000, David Newcomb wrote:
> Hi All,
> 
> I am getting a lot of brute force attacks on one of my linux internet 
> servers. Is there a way I can make the client wait 60 seconds before 
> allowing them to try and login again?
> 
> Anything like this available?
> 
> 
> Regards,
> David
> ---------------------------------------
> Managing Director
> +44 (0) 7866 262 398
> BigSoft Limited
> Reading, UK
> http://www.bigsoft.co.uk/
> Registered in Cardiff, Wales 3960621
> 
> 
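
An added example, not part of the original messages or of the pam_delay module: a small checker that sums pam_delay arguments using the unit rules quoted above and flags a stack where pam_delay is listed after a password-checking module. The function names, the whole-number argument format and the set of modules treated as password checkers are assumptions made for this illustration.

```python
import re

# Unit multipliers in microseconds, per the units the module description lists.
UNITS_US = {"us": 1, "ms": 1_000, "s": 1_000_000, "m": 60_000_000}
ARG_RE = re.compile(r"^(\d+)(us|ms|s|m)?$")  # assumption: whole numbers only
# auth <control or [bracketed control]> <module path> [args...]
AUTH_RE = re.compile(r"^\s*auth\s+(?:\[[^\]]*\]|\S+)\s+(\S+)(.*)$")
# Assumption: the modules counted as "checking passwords" for the ordering rule.
PASSWORD_MODULES = {"pam_pwdb", "pam_unix"}

def parse_delay_args(args):
    """Sum pam_delay arguments (bare numbers are seconds); return microseconds."""
    total = 0
    for arg in args:
        m = ARG_RE.match(arg)
        if not m:
            raise ValueError(f"unrecognised delay argument: {arg!r}")
        total += int(m.group(1)) * UNITS_US[m.group(2) or "s"]
    return total

def check_auth_stack(text):
    """Return (total_delay_us, problems) for the auth lines of a PAM file."""
    delay_us, problems, password_line = 0, [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        m = AUTH_RE.match(line.split("#", 1)[0])  # drop trailing comments
        if not m:
            continue
        module = m.group(1).rsplit("/", 1)[-1].split(".")[0]
        if module in PASSWORD_MODULES and password_line is None:
            password_line = lineno
        elif module == "pam_delay":
            delay_us += parse_delay_args(m.group(2).split())
            if password_line is not None:
                problems.append(f"line {lineno}: pam_delay comes after the "
                                f"password module on line {password_line}")
    if delay_us == 0:
        problems.append("no failure delay is set in the auth stack")
    return delay_us, problems

# Constructed sample stacks: the first follows the ordering in the quoted docs.
GOOD = """auth required /lib/security/pam_delay.so 1s 500ms
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_pwdb.so shadow nullok"""
BAD = """auth required /lib/security/pam_pwdb.so shadow nullok
auth required /lib/security/pam_delay.so 1m 250ms 10us 2"""

if __name__ == "__main__":
    for name, stack in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_auth_stack(stack))
```

The total is reported in microseconds because that is the unit pam_fail_delay() takes.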





