Re: Brute force attack, exponential delay for reconnect?
From: Unruh (unruh-spam_at_physics.ubc.ca)
Date: 05/31/05
- Next message: David Magda: "Re: scp/sftp : how to allow GET only ?"
- Previous message: Vincent: "The end"
- In reply to: S P Arif Sahari Wibowo: "Brute force attack, exponential delay for reconnect?"
- Next in thread: S P Arif Sahari Wibowo: "Re: Brute force attack, exponential delay for reconnect?"
- Reply: S P Arif Sahari Wibowo: "Re: Brute force attack, exponential delay for reconnect?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 May 2005 23:20:26 GMT
S P Arif Sahari Wibowo <arifsaha@yahoo.com> writes:
>Hi!
>The machines I look after have been getting very bad brute force attack
>on the openssh login. Sometime the machines just become locked up,
>although I am not sure it is related. Some of the user names are easily
>guessable and attacked, but I don't have the option to close
>password-based login.
Make sure your users have good passwords. Eg make sure that cracklib is
used to test the password. User names are assumed public knowledge. It is
the password that is most important.
>Any advice for this situation?
>I think one good way to reduce the attack is having controllable delay
>between reconnection from same IP. Ideally the delay should
>exponentially increase for every failed login attempt. Is there any
>configurations or patches that will allow such thing?
- Next message: David Magda: "Re: scp/sftp : how to allow GET only ?"
- Previous message: Vincent: "The end"
- In reply to: S P Arif Sahari Wibowo: "Brute force attack, exponential delay for reconnect?"
- Next in thread: S P Arif Sahari Wibowo: "Re: Brute force attack, exponential delay for reconnect?"
- Reply: S P Arif Sahari Wibowo: "Re: Brute force attack, exponential delay for reconnect?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
