Re: SSH Brute Force attempts

From: <sk_at_elegosoft.com>
Date: Sun, 5 Oct 2008 04:24:42 +0200 (CEST)
mornin'

 Rich Healey wrote:
>> Recently I'm getting a lot of brute force attempts on my server, in the
>> past I've used various tips and tricks with linux boxes but many of them
>> were fairly linux specific.


disable pasword authentication OR use very strong passwords (24 chars)
OR use OTP

if it is applicable you could limit access by hosts (from=)

nothing of the above is linux or BSD specific

btw. Software to delay Login Attempts could be tricked.

> Personally I find that changing the port to anything other than 22 stops
> a lot of the skiddie brute force attacks.  Thats not to say you
> shouldn't use something else as well - but it is something.

it works for one of my servers too, but is security by obscurity

regards
Stefan
Received on Sun Oct 05 2008 - 00:56:46 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:36 UTC