Brute-Force SSH Server Attacks Surge -- InformationWeek

Jerry Feldman gaf at blu.org
Thu May 15 11:30:34 EDT 2008


On Thu, 15 May 2008 11:17:55 -0400
"Ben Scott" <dragonhawk at gmail.com> wrote:

>   One variant of that strategy is to run the real SSH on some
> non-standard port, and then run a sentry on 22, so that anyone trying
> to connect to 22 is automatically blacklisted.

That may be overly brutal. I routinely log into a server with a
non-standard port, and every once in a while I forget to use '-p
xxxx'.  Certainly multiple simultaneous attempts should be blacklisted.

-- 
--
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20080515/ffacda7f/attachment.bin 


More information about the gnhlug-discuss mailing list