[ale] failed ssh login attempts
Jim Lynch
jwl at sgi.com
Fri Feb 11 15:23:38 EST 2005
What someone really needs to do is write a ssh spoofing daemon to accept
any user and any password and let them think they've logged in. If
there were enough out there, maybe it would keep the chaps busy sorting
the spoofs from reality.
Jim.
Jason Fritcher wrote:
> Googi Singha wrote:
>
>> Most of these scan tools seem to use cleartext passwords. If you enable
>> keys and also follow hints such as the ones below - you should be pretty
>> safe.
>
>
> I went one step further and turned off password authentication
> altogether. Now I don't even see the attempt messages in the logs. :)
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
More information about the Ale
mailing list