Am Di, den 09.11.2004 schrieb Jamie McParland um 3:50: > Yea.. I notice I get a bunch of login attempts for ssh everyday using logins > that don't exist. I have strong passwords, but I would rather not have > people banging on my box. Yes, we all see the script kids trying to login via SSH on boxes with very weak password protection. This topic has been discussed to extend here on the list. I think the last thread about it was "More SSH 'trolling'". If searching the list archive for "ssh" in the subject line you will find much more. A quick and easy thing is to let the SSH daemon listen on a different, unused high port. This is nothing which brings security! But the scripts actually run only against port 22, and you will see no more attempts. This is my experience for the moment. There seem to be enough soft victims so that attackers actually feel no need to improve their scripts. > I guess the software I was thinking of was portsentry... But now that I > think about it, portsentry might not be what I need. Yes, portsentry won't help because you can only let watch it for unused ports. Alexander -- Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.8-1.521smp Serendipity 03:56:32 up 20 days, 1:36, load average: 0.48, 0.54, 0.43
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
