Re: sshd: Authentication Failures: 137 Time(s)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Am Montag, den 04.04.2011, 15:07 +0200 schrieb Rainer Traut:
> Am 04.04.2011 12:34, schrieb Marian Marinov:
> >> How is it possible for an attacker to try to logon more then 4 times?
> >> Can the attacker do this with only one TCP/IP connection without
> >> establishing a new one?
> >> Or have the scripts been adapted to this?
> >
> > The attackers are not trying constantly.. Just a few bursts of trys.
> >
> > Look at denyhosts ( http://denyhosts.sourceforge.net/ ).
> > I also have a tool for protecting from brute force attacks called Hawk (
> > https://github.com/hackman/Hawk-IDS-IPS ).
> 
> Ok, thanks to both of you, it seems the scripts getting better and better.
> Will change my iptables rule to keep the blacklist for longer.
> 
> Thx
> Rainer

Also check MaxAuthTries in /etc/ssh/sshd_config

Specifies the maximum number of authentication attempts permitted per
connection.

Henry

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux