Login Delay

Drew Van Zandt drew.vanzandt at gmail.com
Fri Jun 24 11:58:00 EDT 2005


Run something else on port 22, maybe if you're feeling sinister
something that acts like an SSH server but has no valid logins?  :-)

--DTVZ

On 6/24/05, Ted Roche <tedroche at tedroche.com> wrote:
> On Jun 24, 2005, at 11:09 AM, Andrew W. Gaunt wrote:
> 
> > If the delay  approaches infinity asymptotically that would be cool
> > too.
> 
> Hmm, I wonder if there's any other way to get there...
> 
> I like the tarpit idea, although it's not built into the ssh servers
> and would need to be implemented via iptables, or another mechanism.
> 
> I've just taken the "best practices" advice offered here and moved
> ssh from the default port. The script kiddies and their 815 guesses
> at names and passwords typically only attempt port 22. But slowing
> them down so they do less damage is appealing.
> 
> Ted Roche
> Ted Roche & Associates, LLC
> http://www.tedroche.com
> 
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
> 


-- 
Drew Van Zandt



More information about the gnhlug-discuss mailing list