Re: shutting down dictionary attacks
From: Bartosz Krajnik (bartek_at_bmk.bz)
Date: 07/07/05
- Previous message: Mojito Jones: "RE: shutting down dictionary attacks"
- In reply to: Josh Grosse: "shutting down dictionary attacks"
- Next in thread: Josh Grosse: "Re: shutting down dictionary attacks"
Date: Thu, 7 Jul 2005 20:20:10 +0200
To: Josh Grosse <josh@jggimi.homeip.net>, secureshell@securityfocus.com
On 02-07-2005 at 09:47:59AM -0400, Josh Grosse wrote:
> I run OpenBSD 3.7 with OpenSSH 4.1, and found that even with:
>
> PermitRootLogin no
> PasswordAuthentication no
> Protocol 2
> ChallengeResponseAuthentication no
>
> Using OpenSSH or Putty from test PCs, I couldn't supply a password, but the
> script kiddies were still finding a way to make password attacks. Obviously,
> their skills are certainly better than mine.
>
> Searching The Fine Archive, I found
> http://marc.theaimsgroup.com/?l=secure-shell&m=109755336414758&w=2
>
> which suggests
>
> PAMAuthenticationViaKbdInt no
>
> as an additional config setting. It's not applicable to OpenSSH 4.1
> on OpenBSD. But, poking through sshd(8) I found:
>
> KerberosOrLocalPasswd no
>
> After adding that to my config, it *seems* like my attacks may have
> been stopped. At least, they're no longer being logged.
>
> Any thoughts on whether this change will be effective, or if this was just
> serendipitous?
>
> -Josh Grosse-
Best regards,
Bartek.
--
If you want to verify the authenticity of my e-mail, visit www.keyserver.net to get my public key from there.
- application/pgp-signature attachment: Digital signature
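
An added example, not part of the original messages and not OpenSSH code: a small Python check that reads sshd_config text and reports, for each directive and value named in the quoted message, whether it is set that way, set differently, or absent. The function names and both sample configurations are constructed for illustration; a directive reported as unset falls back to the default of the installed sshd version, which has to be looked up in sshd_config(5).

```python
# Directives and values taken from the quoted message in this thread.
WANTED = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "challengeresponseauthentication": "no",
    "kerberosorlocalpasswd": "no",
    "protocol": "2",
}

def parse_sshd_config(text):
    """Return {keyword: value}. Keywords are case-insensitive and sshd
    keeps the first value it reads for a keyword, so later repeats are ignored."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue  # keyword without a value; nothing to record
        seen.setdefault(parts[0].lower(), parts[1].strip().lower())
    return seen

def audit(text):
    """Map each wanted directive to 'ok', 'unset' or 'differs: <value>'."""
    seen = parse_sshd_config(text)
    report = {}
    for key, wanted in WANTED.items():
        if key not in seen:
            report[key] = "unset"  # version default applies; check the man page
        elif seen[key] == wanted:
            report[key] = "ok"
        else:
            report[key] = "differs: " + seen[key]
    return report

# Constructed sample: the four settings listed at the top of the quoted message.
THREAD_CONFIG = """PermitRootLogin no
PasswordAuthentication no
Protocol 2
ChallengeResponseAuthentication no
"""

# Constructed sample: an earlier 'yes' shadows the later 'no' (first value wins).
SHADOWED_CONFIG = "PasswordAuthentication yes\n" + THREAD_CONFIG

if __name__ == "__main__":
    for name, cfg in (("thread", THREAD_CONFIG), ("shadowed", SHADOWED_CONFIG)):
        print(name, audit(cfg))
```
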