[Gllug] ssh brute force attacks
Anthony Newman
anthony.newman at ossified.net
Mon Dec 8 17:14:15 UTC 2008
Ryan Cartwright wrote:
> I have been known to restrict ssh to a single user that is only there
> for ssh in. Then I can su from there once I am in. Again depending
> upon my paranoia level, the username for this account is sometimes not
> recognisable as a "real" word. So it's more likely to be something
> like "agk4t93" than "ryan". Not that a brute force is incapable of of
> attempting such combinations of characters but IME they tend to try
> those as passwords rather than usernames.
Do you also sleep with one eye open?
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list