Re: throttle ssh logins (OpenSSH sshd)



On Sat, 19 Jan 2008 00:19:20 GMT Ivar Rosquist <IRosquist@xxxxxxx> wrote:
| On Fri, 18 Jan 2008 22:42:38 +0000, phil-news-nospam wrote:
|
|> On 07 Jan 2008 18:23:10 GMT Alan Strassberg <paleale@xxxxxxxxx> wrote:
|>
|> | I'm tired of the script kiddies trying ssh logins.
|> | Is there a way to throttle (say max 3 connections per minute)
|> | using OpenSSH (4.5p1). I don't see anything in sshd_config for this.
|> | Or do I need to use tcp wrappers?
|>
|> A more extreme option is to abandon the well-known port and use a
|> different port number. I did that, and they have not been bothering the
|> new port at all. It's not "security by obscurity" because it's not
|> considered to be a security solution. It is just an attempt to keep my
|> logs from being so cluttered.
|
| More and more ISPs are doing network management. What this means
| is that they will give low priority to (or even block) packets addressed
| to non-standard ports - especially when the data in such packets is
| encrypted. Which implies that you might be leaving legitimate users out
| there in the cold.

That is certainly a risk. But I will use the term "mismanagement" with
anyone that asks why they can't get connected. So far I have had no
problem even with Comcast. Apparently such places as schools and even
some libraries would be more of an issue. In another thread it is told
that a library is blocking port 22. Possibly all that is open is 80 and
maybe 443, or maybe nothing is open at all and only a proxy can be used.
There is no end to the possible ways inept managers and untrained admins
can ruin a network.

--
|---------------------------------------/----------------------------------|
| Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
| first name lower case at ipal.net / spamtrap-2008-01-18-2129@xxxxxxxx |
|------------------------------------/-------------------------------------|
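The "max 3 connections per minute" threshold from the original question, turned into a log check. This is an added example, not code from the thread: it parses constructed sshd syslog lines and reports sources whose failed logins exceed the limit inside a sliding window, which is the signal a throttling rule or log filter would key on. The sample lines, the `offenders` helper and its parameters are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample sshd log lines (syslog format); not taken from the thread.
SAMPLE_LOG = """\
Jan 18 22:40:01 host sshd[1001]: Failed password for invalid user admin from 192.0.2.10 port 40001 ssh2
Jan 18 22:40:12 host sshd[1002]: Failed password for invalid user oracle from 192.0.2.10 port 40002 ssh2
Jan 18 22:40:25 host sshd[1003]: Failed password for root from 192.0.2.10 port 40003 ssh2
Jan 18 22:40:44 host sshd[1004]: Failed password for invalid user test from 192.0.2.10 port 40004 ssh2
Jan 18 22:41:30 host sshd[1005]: Accepted publickey for phil from 198.51.100.7 port 51000 ssh2
Jan 18 22:45:00 host sshd[1006]: Failed password for root from 203.0.113.5 port 3333 ssh2
Jan 18 22:47:10 host sshd[1007]: Failed password for root from 203.0.113.5 port 3334 ssh2
"""

# Matches the "Failed ... for [invalid user] NAME from IP port N" auth lines sshd logs.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?\S+ "
    r"from (?P<ip>\S+) port \d+"
)

def parse(log_text, year=2008):
    """Yield (timestamp, ip, result) for every auth line that matches.
    Syslog lines carry no year, so one is supplied (assumed 2008 here)."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["ip"], m["result"]

def offenders(log_text, limit=3, window_s=60):
    """Return {ip: time_of_first_breach} for sources with more than `limit`
    failed logins inside any sliding window of `window_s` seconds."""
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    breached = {}
    for ts, ip, result in parse(log_text):
        if result != "Failed":
            continue               # successful logins do not count toward the limit
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()            # drop attempts that fell out of the window
        if len(q) > limit and ip not in breached:
            breached[ip] = ts
    return breached
```

With the sample above only 192.0.2.10 breaks the limit (four failures in 43 seconds); 203.0.113.5's two failures are more than a minute apart and stay under it.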