[BUGS] Constant SSH login spam
Sunnz
sunnzy at gmail.com
Mon Feb 4 22:19:14 EST 2008
2008/2/4, Sh4d03 <mlists at shadow-security.net>:
> Jerahmy Pocott wrote:
> My recommendation would be to simply move it to another port. This is
> "giving in" to script kiddies as much as installing Anti-Spam measures
> is "giving in" to Spammers. It's easy to do, and in my opinion a much
> cleaner option rather than installing 3rd party mechanisms. Why bother
> your system by making it check invalid login counts when you can simply
> (and cheaply) drop the traffic if they don't know the port?
>
> Worked for me!
>
It may work for you, but what about people who need to SSH from a
restrictive firewall where only common ports are open, such that they
have to use 22?
I would use the following:
http://home.nuug.no/~peter/pf/en/long-firewall.html#BRUTEFORCE
It is a lot more simpler to set up than the sourceforge thing to
detect constant logins and drop the packets.
--
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
More information about the BUGS
mailing list