RE: SSH break-in attempts

...
Another thing to note when using this procedure (as I have learned
in the last two days) is that the script kiddies will fire off five
or ten simultaneous SSH threads. Thus, you will have five or ten
log files with no records in them yet. Given that each one gives
them three attempts to guess the password, you will get a lot of
alarms before the rate limiting kicks in. But when those log files
are closed/flushed, boy do they hit a brick wall! :-)

My original goal was to tie the hacker's machine up waiting for the prompt
rather than stopping them. I have logged over 63,000 break-in attempts but
they only hit a valid username 165 times so I am not worried about one of
these idiots getting in. When I first created this I was disappointed to see
that the attackers give up so early in the attack. But if you want them to
go away faster you can try adding a "SET OUTPUT_RATE=00:00:02" to the
LOGIN.COM and see if that helps.

...
Now I just wish for a similar one for FTP.
...

I very seldom see FTP attacks. POP attacks were more common when I had the
POP port opened on the firewall, but I had to close that because of the huge
security whole JF keeps mentioning but HP keeps ignoring. I use HG_FTP
because it plays with Windows user better than HP's FTP so I don't know if a
similar technique would work with HP's FTP.


Peter Weaver
www.weaverconsulting.ca www.openvmsvirtualization.com
www.vaxvirtualization.com www.alphavirtualization.com
Winner of the 2007 OpenVMS.org Readers' Choice Award for System
Management/Performance

.

Relevant Pages

  • Re: mechanics of surprise
    ... attacks and granting large numbers of Hit Points to major combatants ... I find it very easy to play in a milieu ... HIt Points: that there foes would miss more and more often, ... points a turn, and each having about 100 hp, then a character ...
    (rec.games.frp.advocacy)
  • Re: mechanics of surprise
    ... attacks and granting large numbers of Hit Points to major combatants ... HIt Points: that there foes would miss more and more often, ... miss rather often and armor prevents some damage, ... points a turn, and each having about 100 hp, then a character ...
    (rec.games.frp.advocacy)
  • Re: updating web page with publisher 2007
    ... MS Publisher 2007 and Vista with IE7 loading my website to APlus.net. ... instructions for FTP uploading in Vista. ... unix using ftp site when i hit publish to web box appears i ...
    (microsoft.public.publisher)
  • Re: RL Newbieish help?
    ... * Evasion - makes you harder to hit. ... Suffers badly ... against attacks that never miss, ... * Pre-emptive annihilation - the monsters can't hurt you if they're ...
    (rec.games.roguelike.misc)
  • Re: Fallout 3 - First 1&1/2 hours (Long, Spoilers)
    ... VATS for the first time, and I shoot at the radroach. ... I hit it or not, ... to execute my attacks in vats, I get through them, and see a security ... I split up my skill points between my tagged ...
    (comp.sys.ibm.pc.games.rpg)