Re: sshd: Authentication Failures: 137 Time(s)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, Apr 5, 2011 at 5:51 PM,  <rrichard@xxxxxxxxxx> wrote:
>
>
>
>> Introducing a Hawk helped us a lot. Tools like Hawk and
> fail2ban are quite
>> useful, actually only thinks like that have
> good impact on the bruteforce
>> attempts.
>
> Indeed! I run
> Fail2Ban not only against SSH, but against SMTP/AUTH and IMAPS/POP3S (the
> only client mail protocols we support). It's amazing how many dictionary
> attacks take place against SMTP by persistent spamers! Besides the effect
> against dictionary attacks, it makes the morning reading of the secure log
> a pleasant experience. :-)
>
> However, moving to a non-standard
> SSH port has had a profound effect on the attempts. It's a triple whammy
> for the script kiddies. Find the port if you can, then you get 5 tries at
> a non-existent username/password before your packets get dropped on the
> floor, and you are totally blocked from the entire system for an hour.
>
> Bob
>
>


fail2ban work very well against SSH, SMTP, POP3, FTP, etc, etc.

Another useful tool is Config Server Firewall, which offers DDOS
protection, and can be configured to email you when someone was
blocked for bruteforce attempts.

OR, you can use Port Knocking - which is a iptables script which
monitors 2 or 3 ports, when telnetted to in a pre-configured sequence
will open the SSH port in the firewall. This also works very well


-- 
Kind Regards
Rudi Ahlers
SoftDux

Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux