Re: I love IP Tables.... (really sshd attacks)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



El Sábado, 26 de Mayo de 2007 00:50, Wolfgang S. Rupprecht escribió:
> "jdow" <jdow@xxxxxxxxxxxxx> writes:
> > The common attack is a dictionary attack with several attempts a second.
> > So of course, they get one shot to crack a password, usually for
> > <snicker> root, which is dumb to begin with. After that first attempt
> > they are blocked for the rest of their run.
>
> Why not just disallow unix-passwords in ssh?  No passwords, no
> dictionary attack.  Guessing an RSA 1k passowrd by trying each should
> keep them busy for quite a long time. (many, many times the lifetime
> of the universe even if they can test multiple billions per second.)

I agree, neither password nor using the default 22 port.
Those both simply "rules" would make you be able to say goodbye to all the 
script-kiddies across the internet who tried to hack remote servers by using 
the bruteforce attacks.

-- 
Manuel Arostegui Ramirez.

Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux