Re: shutting down dictionary attacks
From: Brian J. Woods (brianjwd_at_gmail.com)
Date: 07/04/05
- Previous message: Guillaume Vissian: "Re: shutting down dictionary attacks"
- In reply to: Josh Grosse: "shutting down dictionary attacks"
- Next in thread: Josh Grosse: "Re: shutting down dictionary attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 04 Jul 2005 03:08:21 -0500
To: secureshell@securityfocus.com
Josh Grosse wrote:
>I run OpenBSD 3.7 with OpenSSH 4.1, and found that even with:
>
> PermitRootLogin no
> PasswordAuthentication no
> Protocol 2
> ChallengeResponseAuthentication no
>
>Using OpenSSH or Putty from test PCs, I couldn't supply a password, but the
>script kiddies were still finding a way to make password attacks. Obviously,
>their skills are certainly better than mine.
>
>Searching The Fine Archive, I found
>http://marc.theaimsgroup.com/?l=secure-shell&m=109755336414758&w=2
>
>which suggests
>
> PAMAuthenticationViaKbdInt no
>
>as an additional config setting. It's not applicable to OpenSSH 4.1
>on OpenBSD. But, poking through sshd(8) I found:
>
> KerberosOrLocalPasswd no
>
>After adding that to my config, it *seems* like my attacks may have
>been stopped. At least, they're no longer being logged.
>
>Any thoughts on whether this change will be effective, or if this was just
>serendipitous?
>
> -Josh Grosse-
>
>
>
Apologies about the last reply.
More info on the environment the PCs are in is probably needed.
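
An added example, not part of the original thread: a small checker that reports the effective value of the directives listed in the quoted post, relying on sshd keeping the first value it reads for each keyword, so a later duplicate line does not override an earlier one. The sample configuration text and the function names are constructed for illustration.

```python
import re

# Directives and values taken from the quoted post.
EXPECTED = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "protocol": "2",
    "challengeresponseauthentication": "no",
    "kerberosorlocalpasswd": "no",
}

def effective_settings(config_text):
    """Return {keyword: value}, keeping the first occurrence of each keyword."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments set nothing
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(keyword, value)  # first value wins
    return settings

def audit(config_text):
    """Return (keyword, found, expected) per mismatch; found is None when unset."""
    eff = effective_settings(config_text)
    findings = []
    for keyword, expected in EXPECTED.items():
        found = eff.get(keyword)
        if found is None or found.lower() != expected:
            findings.append((keyword, found, expected))
    return findings

# Constructed sample: an early "yes" shadows the later "no", and one
# directive is only present as a comment, so the built-in default applies.
SAMPLE = """\
Protocol 2
PermitRootLogin no
PasswordAuthentication yes
#ChallengeResponseAuthentication no
PasswordAuthentication no
KerberosOrLocalPasswd no
"""

if __name__ == "__main__":
    for keyword, found, expected in audit(SAMPLE):
        print(f"{keyword}: found {found!r}, expected {expected!r}")
```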