Am 09.01.2015 um 15:59 schrieb Alexander Ploumistos:
On Fri, Jan 9, 2015 at 4:51 PM, Reindl Harald wrote:
you achieve nothing than cluttered logs from continued dictionary
attacks with such a setup even if it would be possible and that has
the security implication burry interesting lines in noise
Oh, I agree with you, but it would be quite nice to have in a honeypot,
combined with sshd listening on port 22, so I'm still curious if it is
feasible (and how)
for that i would seek a dedicated honeypot-service listening on port 22 with it's own logging and have the real sshd with key-only auth on a non-default port
https://code.google.com/p/kippo/ https://github.com/desaster/kippothat has also the benefit even in case of a bug in sshd itself that you have all the crap on a different code base not be real sshd at all
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
