Thought of moving to a different port? Granted, if they port-sweep your IP, they might find where you've moved off to, but it will cut WAY down on the hits (especially if you pick something from the well-known list that is normally innocuous, like, oh, port 1, 70, 179, etc.), and it's a one-line change to your sshd_config (well, that and training yourself to ssh onto the other port... '-p' or '-P' options depending on what you're trying to do). -Michael |> From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] |> On Behalf Of Zembower, Kevin |> Sent: Wednesday, July 09, 2008 12:56 PM |> To: secureshell@xxxxxxxxxxxxxxxxx |> Subject: Deliberately create slow SSH response? |> |> This might seem like a strange question to ask, but is there a way to |> deliberately create a slow response to an SSH request? I'm annoyed at |> the large number of distributed SSH brute-force attacks on a server I |> administer, trying to guess the password for 'root' and other accounts. |> I think that my server is pretty secure; doesn't allow root to log in |> through SSH, only a restricted number of accounts are allowed SSH |> access, with I think pretty good passwords. But still, the attempts |> annoy me. |> |> I wouldn't mind if SSH took say 30 seconds to ask me for my password. |> This would slow the attempts. Is there any way to configure OpenSSH to |> do this? I searched the archives of this group with 'slow' and 'delay' |> but didn't come up with anything on this topic. Please point it out to |> me if I overlooked anything. In addition, I can limit the number of SSH |> connections to 3-5 and still operate okay. |> |> Ultimately, I need this solution for hosts running OpenSSH_3.9p1 under |> RHEL ES 4 and OpenSSH_4.3p2 under Debian 'etch' 4.0 and Fedora Core 6. |> |> Thanks in advance for your advice and suggestions. |> |> -Kevin |> |> Kevin Zembower |> Internet Services Group manager |> Center for Communication Programs |> Bloomberg School of Public Health |> Johns Hopkins University |> 111 Market Place, Suite 310 |> Baltimore, Maryland 21202 |> 410-659-6139
