[sclug] SSHD

Martin Summers Martin.Summers at ansys.com
Tue Jan 30 11:43:24 UTC 2007


 Hello David,

I know this may sound daft, but one of my favourite methods is to use
ident service, and then deny it on a firewall outbound from the ssh
server, so that there is often a significant delay before it comes back
with prompting for a password. Preventing reverse dns queries also helps
this, but is more difficult to configure (unless you just configure a
non-existing DNS server in your resolv.conf)

There are tools that can manage this as well.....

I expect that this method will be shot down in flames by fellow
SCLUG'gers as it's a bit unorthodox !

-Martin

-----Original Message-----
From: sclug-bounces at sclug.org.uk [mailto:sclug-bounces at sclug.org.uk] On
Behalf Of David Newcomb
Sent: Tuesday, January 30, 2007 11:28 AM
To: sclug at sclug.org.uk
Subject: [sclug] SSHD


Hi All,

I am getting a lot of brute force attacks on one of my linux internet
servers. Is there a way I can make the client wait 60 seconds before
allowing them to try and login again?

Anything like this available?


Regards,
David
---------------------------------------
Managing Director
+44 (0) 7866 262 398
BigSoft Limited
Reading, UK
http://www.bigsoft.co.uk/
Registered in Cardiff, Wales 3960621







More information about the Sclug mailing list