Re: how to react on ssh attacks?
From: Rich Stanford (rich_at_stanfordsystems.org)
Date: 10/24/05
- Previous message: Stuart Sears: "Re: how to react on ssh attacks?"
- In reply to: Tom Yates: "Re: how to react on ssh attacks?"
- Next in thread: Boris Glawe: "Re: how to react on ssh attacks?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: fedora-list@redhat.com Date: Mon, 24 Oct 2005 07:11:32 -0500
On Monday 24 October 2005 5:51 am, Tom Yates wrote:
> On Mon, 24 Oct 2005, Stephanus Fengler wrote:
> > I recently checked my log files of my ssh service (so far as I
> > understand this is my only service open) and realized that from the very
> > same IP I got a lot of request trying to guess a user name on my system,
> > I assume. Since login name always changes in even chronological
> > alphabetical order.
> >
> > So shell I worry about it or do I need to do some countermeasures?
>
> in case this is of any use to anyone, i've made a web page out of the
> responses i got when i asked this question on a number of lists earlier
> this year, plus the details of the solution i went for.
>
> it's not pretty yet, but the emails are up at
> http://www.teaparty.net/technotes/ssh-rate-limiting.html. i'll make it
> prettier, make the links usable, that sort of thing, as time permits.
> hope it's useful to someone.
>
>
> --
>
> Tom Yates - http://www.teaparty.net
I found the following article very helpful. Fairly easy to set up and has
eliminated about 90% of these automatic scans.
http://www.linux.com/article.pl?sid=05/09/15/1655234
Rich
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Stuart Sears: "Re: how to react on ssh attacks?"
- In reply to: Tom Yates: "Re: how to react on ssh attacks?"
- Next in thread: Boris Glawe: "Re: how to react on ssh attacks?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
