[Nelug] Blocking brute-force ssh attacks
Scott Wilcox
sc0tt at x0f.org
Tue Aug 22 12:51:31 UTC 2006
I do the same thing here, works great.
Scott.
bob wrote:
> On Thursday 10 August 2006 07:25, James Ogden wrote:
>
>> Martin Ward wrote:
>>
>>> On Wednesday 09 Aug 2006 19:08, Stephen wrote:
>>>
>>>> I've got mine set up to allow only 1 user and to require the correct ssh
>>>> key, and disabled normal password authentication.
>>>>
>>> That stops them getting in, but it doesn't stop them banging on the door
>>> for hours on end (which dropping all packets from their IP address does).
>>>
>> My inelegant, insecure but highly effective solution to this was to run
>> sshd
>> on a different port. It won't stop someone serious, of course, but it will
>> filter out the random script kiddies
>>
>> James
>>
>>
>
> Can I echo James' comments? I also changed the ssh port and all the dictionary
> attacks immediately disappeared. It certainly works, even if it's not a total
> fix for the problem if you've got a determined attacker.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/durham/attachments/20060822/d1d0da40/attachment.htm
More information about the Nelug
mailing list