On Mon, 12 Dec 2005, Chasecreek Systemhouse wrote:
I would say there is a ssh brute force hack floating around that has
not been documented yet; as such it is all Server admins best
interests to remain vigilant.
ssh bruteforcers have been around for a couple years now. it's a sign of
desperation by spammers -- traditional exploits are no longer effective
due to selinux, grsecurity et al, so they have switched to bruteforce.
i've seen attacks of upwards of 500mbit/sec of ssh attempts. they don't
even bother trying to be sneaky about it.
pam_abl is extremely effective in preventing bruteforce attacks:
http://www.hexten.net/pam_abl/
btw you probably don't notice them, but (my|postgre)sql bruteforcers are
going around too.
-Dan
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list