sshd hack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Do a search for "ssh-faker" - I've found this very effective.

Daveh 

-----Original Message-----
From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On Behalf
Of Jim Perrin
Sent: 10 March 2006 21:44
To: CentOS mailing list
Subject: Re:  sshd hack

On 3/10/06, Chris Mauritz <chrism@xxxxxxxxx> wrote:
> I'm not really a programmer and I recently came across this hack to 
> insert a short sleep statement into auth-passwd.c within sshd.  It 
> seems to quickly confuse automated dictionary attacks.  I've moved 
> sshd to higher ports but apparently the cretins are now scanning to 
> look for that and attacking on whatever port sshd shows up on.
>
> Anyway, the link to the hack is here:
>
> http://www.aerospacesoftware.com/ssh-kiddies.html
>
> Just wondering if any of the wizened programmers out there can think 
> of any reason why this would be a bad thing to do.

Messing with sshd source isn't something I'm ready to play around with. I'd
rather farm it out to a 3rd party wrapper like denyhosts to block this crap.

--
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety''
Benjamin Franklin 1775
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux