Fwd: Brute-Force SSH Server Attacks Surge -- InformationWeek
Bob King
bob.king.1138 at gmail.com
Thu May 15 09:47:39 EDT 2008
According to the Information Week article:
http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=207603339
One of the more interesting bits was that the attacks are shifting to a more
distributed model to avoid detection by IDS/IPS systems, using botnets.
Many distros come with ssh installed by default, and often with root access
allowed by default. I always thought that disabling root access via ssh is a
good idea, but reading this I would assume it would be a good idea to just
deactivate password access via ssh all together and limit access to systems
with keys known to the host. Moving the sshd to a non-standard port would be
another move, but would that stop more than the most basic tools?
I would be interested in hearing recommendations from other folks on the
list.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20080515/e3948b49/attachment.html
More information about the gnhlug-discuss
mailing list