On Mon, 29 May 2006 17:03:46 -0500, Mike C <Mikec1@xxxxxxxxxxxx> opined: > What exactly is bruteforcing and is their away to stop it in fedora > without useing a router or firewall box? > > Thanks for any help > It's an attempt (usually with hacker software) to crack the root password by trying with a burst of many different password forms. The best defense that I know of (and I use) is swatch. Swatch watches a log for RegEx patterns and then executes a script when it is matched (such as immediately adding a rule to IPTables. This way the potential hacker only gets one shot. More fundamentally, sshd should only be permitted if absolutely necessary and then restricted to known IPs that need ssh access. -- Our DNSRBL - Eliminate Spam: http://www.TQMcube.com Multi-RBL Check: http://www.TQMcube.com/rblcheck.php The Dirty Dozen Spammiest Ranges: http://tqmcube.com/dirty12.php
Attachment:
signature.asc
Description: PGP signature
