[ale] failed ssh login attempts

Robert L. Harris Robert.L.Harris at rdlg.net
Thu Feb 10 12:08:40 EST 2005 


Why not just use port knocking for opening ssh:

http://www.portknocking.org/view/implementations

There are a number of available daemons to start ssh for you.



Thus spake Sean Johnson (esperantisto at gmail.com):

> Hi all, 
> 
> Just catching up on this thread... i experienced a lot of these type
> of attacks, usually from Asian IPs late at night, so another way i
> helped protect my system was by adding 2 cron jobs one that starts the
> server at 9AM and shuts it down at 6pm. These are the only times i use
> it from work. This is in addition to the following:
> 
> 1. Disable root login via ssh (as well as all other normal type users
> that programs run under)
> 2. Enable it for only the users that explicity need it. (use bastille to help)
> 3. Move default port from 22
> 4. Limiting IP addresses from which you can connect to the server (i.e. work)
> 
> Sean Johnson
> Libranet now Ubuntu! :)
> 
> 
> On Wed, 09 Feb 2005 11:48:32 -0500, John Trostel
> <jtrostel at mindspring.com> wrote:
> > These types of ssh brute force attacks have been occurring for at least
> > a year, I think.  If your system is exposed to the net for any
> > reasonable period of time and runs ssh, it should have been subjected to
> > them.
> > 
> > Always good to keep up to date, turn off (and remove) unneeded services,
> > and read and apply the handy tips in Bob's book!
> > 
> > --
> > John Trostel
> > Photon Computer Services
> > System Support and Design
> > "We're small, fast and discrete"
> > 404-247-5112
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> >
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | GPG Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu
DISCLAIMER:
      These are MY OPINIONS             With Dreams To Be A King,
       ALONE.  I speak for              First One Should Be A Man
       no-one else.                       - Manowar

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature

More information about the Ale mailing list