User: Password:
|
|
Subscribe / Log in / New account

Distributed brute force ssh attacks

Distributed brute force ssh attacks

Posted Oct 25, 2009 11:21 UTC (Sun) by oak (guest, #2786)
In reply to: Distributed brute force ssh attacks by DG
Parent article: Distributed brute force ssh attacks

You could provide users a script that does the port-knocking or "firewall
login" for them + a desktop icon for the script.

And then use a modified denyhosts to monitor failed ssh login attempts
from the IP addresses for which the firewall opened a port. Denyhosts
could then e.g. mail the IT admin when too many failed attempts are
noticed. They can then verify (e.g. by phone) that it's the user itself
failing to login (too many times) and not user or user's machine or home
network being compromised...


(Log in to post comments)

Distributed brute force ssh attacks

Posted Oct 25, 2009 14:41 UTC (Sun) by DG (subscriber, #16978) [Link]

Yes - this could work - however it requires distribution of software; my/our approach doesn't....

Each to their own; I'm sure many solutions are better than one :)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds