[Catalyst] [OT] sshd (was Re: Encrypt /Decrypt URI)
Daniel Hulme
st at istic.org
Sat May 19 15:34:10 GMT 2007
On Sat, May 19, 2007 at 09:11:27AM -0500, Dave Rolsky wrote:
> On Sat, 19 May 2007, Daniel Hulme wrote:
> >Not really. I run sshd on my home box on a non-default port
> Check out fail2ban. It can be configured to block an IP with firewall
> rules after it fails to login via SSH a few times. I've installed it on my
> systems and it reports banning various IPs semi-frequently, which makes me
> happy since in the past they would've been trying their entire dictionary.
Thanks for all the suggestions, everyone, but seriously, there's no
need. I've had exactly no dictionary attacks against my sshd since I
started running it on a non-default port. I assume they mostly or all
come from old ssh worms trying IP addresses at random.
Yes, it's easy enough to find services running on non-default ports, but
worms don't bother to do so, probably because there are more than enough
easy targets out there.
Sorry to hijack the thread, people.
--
You could say the same about birds. What are birds? We just don't know.
-- 'Look Around You'
http://surreal.istic.org/ Calm down, it's only ones and zeroes.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.scsys.co.uk/pipermail/catalyst/attachments/20070519/96717c12/attachment.pgp
More information about the Catalyst
mailing list