| |||||||||||||
|
| |||||||||||||
Brute-Force SSH Server Attacks Surge (InformationWeek)Brute-Force SSH Server Attacks Surge (InformationWeek)Posted May 14, 2008 17:14 UTC (Wed) by leoc (subscriber, #39773)Parent article: Brute-Force SSH Server Attacks Surge (InformationWeek)
I find changing the host port from the default to something else helps to reduce the incidence of attempts. If nothing else, it at least keeps the log files a little less jammed full of entries that need to be reviewed. You can add an entry to your personal ssh config file to have it automatically use the alternative port without needing to specify it on the command line.
(Log in to post comments)
Brute-Force SSH Server Attacks Surge (InformationWeek) Posted May 14, 2008 17:23 UTC (Wed) by ikm (subscriber, #493) [Link] I second that. Drops from thousands of attempts a day to zero. While it won't give too much security in case of a deliberately planned attack on you, most of the attacks are just automated scripts which check for root=root, lp=lp, etc, creating a mess in the logs.
Brute-Force SSH Server Attacks Surge (InformationWeek) Posted May 15, 2008 15:02 UTC (Thu) by jhardin (guest, #3297) [Link] In addition to changing the listen port on your system, put a TCP tarpit (e.g. LaBrea) on port 22.
|
|
||||||||||||