Re: OpenSSH - Dictionary Attacks

From: Unruh (unruh-spam_at_physics.ubc.ca)
Date: 05/29/05


Date: 29 May 2005 01:21:08 GMT


"Johhny" <exter_c@hotmail.com> writes:

>Hello,

>I am currently looking for a good / reliable solution that I could use
>to implement a way in which we could drop connections that are
>attempting to dictionary attack the server's ssh daemon.

>We often have customers that have several thousand entries in their log
>files where people have tried known usernames and a common list of
>passwords. Because we have a fairly secure (complex) password procedure
>in place they don't generally break in. However the customers getting on
>our case about it is annoying.

>Does anyone know of a solution that would facilitate something like that?

If the customers log in from fixed other machines, just put those IP
addresses into /etc/hosts.allow.
If however the customers want to log in from anywhere, just put up with it.
That is a very slow way of guessing passwords. I have no idea why your
customers would be getting on your case about it. Here you have proof that
your policies work and are deterring attacks. It is like having videotapes
of someone trying to break into the back door of the shop and failing. Any
attempt to "lock out" would probably open them up to far far more effective
denial of service attacks.
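
An added example, not part of the original post: a simplified Python model of the hosts_access(5) evaluation order, showing how sshd entries in /etc/hosts.allow behave with an empty /etc/hosts.deny and with a default-deny one. The file contents and addresses are constructed, the function names are hypothetical, and it assumes an sshd built with TCP wrappers (libwrap) support.

```python
# Simplified model of hosts_access(5) rule evaluation (TCP wrappers).
# Handles only: daemon name or ALL, exact IPs, "a.b.c." address prefixes, ALL.

def parse(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        daemons, clients = (f.strip() for f in line.split(":")[:2])
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def matches(rules, daemon, client_ip):
    """True if any rule covers this (daemon, client) pair."""
    for daemons, clients in rules:
        if daemon not in daemons and "ALL" not in daemons:
            continue
        for pat in clients:
            if pat == "ALL" or pat == client_ip:
                return True
            if pat.endswith(".") and client_ip.startswith(pat):
                return True                     # address prefix such as "198.51.100."
    return False

def allowed(allow_text, deny_text, daemon, client_ip):
    """Order from hosts_access(5): allow match grants, else deny match refuses, else grant."""
    if matches(parse(allow_text), daemon, client_ip):
        return True
    if matches(parse(deny_text), daemon, client_ip):
        return False
    return True

# Constructed sample files; addresses are documentation ranges (RFC 5737).
HOSTS_ALLOW = """
# fixed customer machines
sshd: 192.0.2.10, 198.51.100.
"""
HOSTS_DENY_EMPTY = ""                 # nothing is refused: allow entries change nothing
HOSTS_DENY_DEFAULT = "sshd: ALL\n"    # everything not listed in hosts.allow is refused

if __name__ == "__main__":
    for deny in (HOSTS_DENY_EMPTY, HOSTS_DENY_DEFAULT):
        for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.50"):
            print(repr(deny), ip, allowed(HOSTS_ALLOW, deny, "sshd", ip))
```

Upstream OpenSSH removed libwrap support in release 6.7, so on builds without it sshd does not consult these files at all.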


