Fedora Users — Re: Heads up: Brute force attacks on the rise recently

Re: Heads up: Brute force attacks on the rise recently

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx>

Subject: Re: Heads up: Brute force attacks on the rise recently

From: Konstantin Svist <fry.kun@xxxxxxxxx>

Date: Wed, 28 Oct 2009 16:13:24 -0700

In-reply-to: <4AE8CDC1.7020901@xxxxxxxxxx>

References: <4AE8CDC1.7020901@xxxxxxxxxx>

Reply-to: "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx>

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.4pre) Gecko/20091014 Fedora/3.0-2.8.b4.fc11 Thunderbird/3.0b4

On 10/28/2009 04:03 PM, Michael Cronenworth wrote:

-Make sure your root password is not a dictionary word.
-Add iptables rules to limit multiple connections on SSH to 4 within a
minute.[1] Perhaps this needs to become a Fedora default.
-Update your system.
-Use SELinux.


Depending on situation, other measures to contain this problem:

* moving ssh to a different port (something > 1024)

brute force scripts will usually check port 22 only - a differentport will likely be checked only if attack is targeted


* switching to public/private key authentication

even with a bad password, the private key is much more secure againsta script kiddie. It helps against targeted attacks too, but can't rulethem out.

Also, IIRC, in F10/11 SSHd is disabled by default. That could be becauseI usually use LiveCD install, though.



--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines