[Gllug] ssh brute force attacks
Alain Williams
addw at phcomp.co.uk
Mon Dec 8 15:48:22 UTC 2008
Distributed ssh brute force attacks are on the rise, according to el reg:
http://www.theregister.co.uk/2008/12/08/brute_force_ssh_attack/
I use an iptables blocker (max 3 attempts in 3 minutes) that would be defeated by this.
I also restrict *who* can login over ssh.
What other means do you use to increase ssh security ?
I don't really see the point of running ssh on anything other than port 22 - that
would be defeated with a port scan.
Anyone implemented port knocking - as much as in a SSH client as the server ?
What else ?
--
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
Past chairman of UKUUG: http://www.ukuug.org/
#include <std_disclaimer.h>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list