Re: ssh library attack

From: jsuthan (jsuthan_at_gmail-spam.com)
Date: 08/07/05

Next message: jsuthan: "Re: ssh issues"
Previous message: dsaklad_at_zurich.csail.mit.edu: "Rmail user groups. Rmail. emacs. spamassassin headers. emacs commands. Rmail commands. whitelist."
Next in thread: YouCanToo: "Re: ssh library attack"
Reply: YouCanToo: "Re: ssh library attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 07 Aug 2005 11:43:10 +0800

CL (dnoyeB) Gilbert wrote:
> Everyday someone has attempted to log into my ssh server 1000s of times
> with a bunch of different names. There is nothing significant on my
> Linux box to be concerned with. I am just sick of seeing all this in my
> logs and why should I let it continue.
>
> There is no root login over ssh on my box, and you cant login without a
> key eiter, no password access.
>
> Is there a way to combat this without hampering my daily access? I do
> tend to access from a given IP address, but I don't want to guarantee
> this. Perhaps I could just change to some obsecure port number? Any
> specific number? Can the sshd listen on multiple ports till i finalize
> on a different port if this is the way to go?
>
>

Hi,

To avoid for future exploit.. don't place SSH communication on standard
port 22. The only problem for HTTP and SMTP these ports can't be
changed! Those ports need alternative enforcement. Back to SSH try
change port to different port, give hackers more work todo.. then come
the NMAP thing which discover which port is open. Its still more work.
Choosing different ports will be secure and avoid random exploits.
Everyone know port 22 is SSH!

-- 
jsuthan
Zues linux team
http://www.mypulau.com

Next message: jsuthan: "Re: ssh issues"
Previous message: dsaklad_at_zurich.csail.mit.edu: "Rmail user groups. Rmail. emacs. spamassassin headers. emacs commands. Rmail commands. whitelist."
Next in thread: YouCanToo: "Re: ssh library attack"
Reply: YouCanToo: "Re: ssh library attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: ssh gives "Permission denied, please try again"
... port 22 on your internal machine, so you will need to keep ssh up to ... I configure the router to forward a different external port to 22 on my ... For good measure pick usernames that are none obvious, ... root/password: 163 times ...
(uk.comp.os.linux)
[NEWS] SSH service at Dell DRAC4 Denial of Service (Mocana)
... SSH service at Dell DRAC4 Denial of Service ... Dell Remote Access Card 4 allows customers to effectively manage ... After the use of such a port scanner, ...
(Securiteam)
Re: Remote Desktop directly to another computer on the network
... default port... ... And there is no reason for me to believe that ssh ... When I have a multibillion company I will use the key pair, ... WinSCP for that to access my home SSH server. ...
(microsoft.public.windowsxp.work_remotely)
Re: SSH safety
... SSH safety (J.L. ... FC3 missing KDE menu items ... I was wondering how safe it is to open the ssh port up to the internet. ...
(Fedora)
Re: FTPS Server?
... port numbers by deep packet inspection. ... client, but the underlying SSH protocol over the network is way, way ... See the chroot configuration in the man-page for sshd_config ... recommend running a separate instance on a separate port (if firewalls ...
(freebsd-stable)