Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?



On 11/13/06, Gerard Seibert <gerard@xxxxxxxxxxxxx> wrote:
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:


> I had the same 'problem'. As said it's not really a problem since FreeBSD
> will hold just fine if you don't have any rather stupid user + pass
> combinations. (test test or something like that) Although I thought
> it was annoying that my entire log was clouded with those brute force
> attacks so I just set sshd to listen at another port than 22. Maybe
> that's an acceptable solution for you? You can change the sshd port in
> /etc/ssh/sshd_config

Security through obscurity is a bad idea. Rather, use SSH key based
authentication exclusively. Turn off all of the password stuff in
sshd_config. Laugh at the poor fools trying to break in.

I second this notion. I had bruteforceblocker running and recently
switched to key based auth only. The good news is no one is breaking
in. The bad news is that my server is remote and difficult to get
physical access to and the only key I uploaded initially was my work
PC. Tried to get in from home over the weekend and found that I had
locked myself out! Doh! Just make sure that you have at least one PC
you can get to from anywhere which has a key to get into your server.



--
Gerard

Mail from '@gmail' is rejected and/or discarded here. Don't waste
your time!
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"



--
I'm nerdy in the extreme and whiter than sour cream
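
The two points made in this thread (turn off password logins in sshd_config, and keep more than one key on the server so a single machine cannot lock you out), as an added example that is not part of the original messages: a Python check over the text of an sshd_config and an authorized_keys file. The option defaults are assumed to be upstream OpenSSH's, and the function names and sample inputs are constructed for illustration.

```python
import re

# Assumed defaults when a keyword is absent (upstream OpenSSH; your build may differ).
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes",
            "pubkeyauthentication": "yes"}
# Older spelling of the same option, used in 2006-era configs.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def effective_settings(config_text):
    """Resolve global sshd_config values: the first occurrence of a keyword wins."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":      # settings after Match are conditional, not global
            break
        key = ALIASES.get(key, key)
        if len(parts) == 2 and key not in seen:
            seen[key] = parts[1].strip().strip('"').lower()
    return {**DEFAULTS, **seen}

def count_keys(authorized_keys_text):
    """Count non-blank, non-comment lines in an authorized_keys file."""
    return sum(1 for l in authorized_keys_text.splitlines()
               if l.strip() and not l.lstrip().startswith("#"))

def audit(config_text, authorized_keys_text):
    """Return findings; an empty list means key-only login with a spare key."""
    s = effective_settings(config_text)
    findings = []
    for opt in ("passwordauthentication", "kbdinteractiveauthentication"):
        if s[opt] != "no":
            findings.append(f"{opt} is still enabled")
    if s["pubkeyauthentication"] != "yes":
        findings.append("pubkeyauthentication is off: no login method left")
    if count_keys(authorized_keys_text) < 2:
        findings.append("fewer than two authorized keys: losing one machine locks you out")
    return findings

# Constructed sample inputs (not from the thread): a commented-out option and one key.
SAMPLE_CONFIG = "#PasswordAuthentication no\nChallengeResponseAuthentication yes\n"
SAMPLE_KEYS = "ssh-ed25519 AAAAEXAMPLEONLY user@work-pc\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, SAMPLE_KEYS):
        print(finding)
```

Run it against the real files before restarting sshd, and keep the current session open until a login from a second machine has succeeded.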