Re: sshd: Authentication Failures: 137 Time(s)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 



> Introducing a Hawk helped us a lot. Tools like Hawk and
fail2ban are quite
> useful, actually only thinks like that have
good impact on the bruteforce
> attempts.

Indeed! I run
Fail2Ban not only against SSH, but against SMTP/AUTH and IMAPS/POP3S (the
only client mail protocols we support). It's amazing how many dictionary
attacks take place against SMTP by persistent spamers! Besides the effect
against dictionary attacks, it makes the morning reading of the secure log
a pleasant experience. :-)

However, moving to a non-standard
SSH port has had a profound effect on the attempts. It's a triple whammy
for the script kiddies. Find the port if you can, then you get 5 tries at
a non-existent username/password before your packets get dropped on the
floor, and you are totally blocked from the entire system for an hour.

Bob


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux