[BUGS] Constant SSH login spam
Martin Barry
marty at supine.com
Tue Feb 5 09:19:30 EST 2008
$quoted_author = "Sh4d03" ;
>
> My recommendation would be to simply move it to another port. This is
> "giving in" to script kiddies as much as installing Anti-Spam measures
> is "giving in" to Spammers. It's easy to do, and in my opinion a much
> cleaner option rather than installing 3rd party mechanisms. Why bother
> your system by making it check invalid login counts when you can simply
> (and cheaply) drop the traffic if they don't know the port?
It's security by obscurity and it will only work until it gets popular and
then intruders will start port scanning before launching the dictionary
attack.
Denyhosts is defense in depth. It creates a situation where you can't try
bad usernames endlessly and you can't try passwords for valid usernames
endlessly.
I for one use it everywhere and can't recommend it enough.
cheers
marty
--
"To err is human, to forgive is not my policy. -- root"
- sig file on slashdot
More information about the BUGS
mailing list