On Jul 9, 2008, at 9:55 AM, Zembower, Kevin wrote:
This might seem like a strange question to ask, but is there a way to deliberately create a slow response to an SSH request? I'm annoyed at the large number of distributed SSH brute-force attacks on a server Iadminister, trying to guess the password for 'root' and other accounts.I think that my server is pretty secure; doesn't allow root to log in through SSH, only a restricted number of accounts are allowed SSH access, with I think pretty good passwords. But still, the attempts annoy me.
I think the best place to do that is in PAM. Here's a module: http://www-uxsup.csx.cam.ac.uk/~pjb1008/project/pam_delay/pam_delay/pam_delay.htmlIf you wanted to do more, you could even write a module that kept track of login attempts and progressively slowed them.
-b
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
