[ale] 300,000 failed login attempts in 6 months!!!

James Taylor James.Taylor at eastcobbgroup.com
Tue Aug 19 20:09:10 EDT 2008


On my system, end-users don't get to use ssh.
-jt 
 

James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com


>>> "Stephen Benjamin" <skbenja at gmail.com> 8/19/2008 06:13 PM >>> 
They scan more than one port, and *some* attempt service identification,
which is easy with SSH.  But moving it to a non-standard port will reduce
but not eliminate attacks.  It'll also confuse end users if you have any who
aren't technical.



On Tue, Aug 19, 2008 at 6:09 PM, Brian Pitts <brian at polibyte.com> wrote:

> Michael B. Trausch wrote:
> > On Tue, 2008-08-19 at 12:12 -0400, Jim Popovitch wrote:
> >> New?  No.  SSH brute force attempts are not new.  You, as a target,
> >> might be new. ;-)
> >>
> >> Save yourself some trouble and run SSHD on a non-standard port.
> >
> > I keep seeing this said over and over again, and I keep wondering:  Are
> > the attackers _really_ that stupid?  Wouldn't a simple portscan prior to
> > attempting to attack get rid of any benefit that this would provide?
>
> I assume they scan... port 22. If ssh isn't there either it's not
> running or there's a smart admin. Either way that system is not an
> inviting target.
>
> -Brian
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>





More information about the Ale mailing list