[Nelug] Blocking brute-force ssh attacks
sc0tt at x0f.org
Tue Aug 22 12:51:31 UTC 2006
I do the same thing here, works great.
> On Thursday 10 August 2006 07:25, James Ogden wrote:
>> Martin Ward wrote:
>>> On Wednesday 09 Aug 2006 19:08, Stephen wrote:
>>>> I've got mine set up to allow only 1 user and to require the correct ssh
>>>> key, and disabled normal password authentication.
>>> That stops them getting in, but it doesn't stop them banging on the door
>>> for hours on end (which dropping all packets from their IP address does).
>> My inelegant, insecure but highly effective solution to this was to run
>> on a different port. It won't stop someone serious, of course, but it will
>> filter out the random script kiddies
> Can I echo James' comments? I also changed the ssh port and all the dictionary
> attacks immediately disappeared. It certainly works, even if it's not a total
> fix for the problem if you've got a determined attacker.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Nelug