PHWinfo - Afficher un message - using PubkeyAuthentication, still getting dictionary attacks!

05/10/2006, 18h28

Chuck <skilover_nospam@bluebottle.com> writes:

> Todd H. wrote:
> > Nomen Nescio <nobody@dizum.com> writes:
> >
> >> Why do they keep
> >> trying?
> >
> > Because they're script kiddie attacks and will try no matter what your
> > config.
> >
> >> Anything else I can/should do?
> >
> > Just move sshd to listen on a non-standard port and the annoyance will
> > cease.
> >
>
> Or just don't worry about it if you've disabled password authentication.
> That keeps them busy trying hopelessly to get into your server instead
> of attacking one that's truly vulnerable.

If the sshd server isn't there to listen to an attack on port 22, sshd
won't cut a failed login attempt to a log. The host level port
filter will just quietly ignore the tcp connection request. Seems to
work a treat.

--
Todd H.
http://www.toddh.net/

05/10/2006, 18h28	#8
Todd H. Messages: n/a Hébergeur:	Re: using PubkeyAuthentication, still getting dictionary attacks! Chuck <skilover_nospam@bluebottle.com> writes: > Todd H. wrote: > > Nomen Nescio <nobody@dizum.com> writes: > > > >> Why do they keep > >> trying? > > > > Because they're script kiddie attacks and will try no matter what your > > config. > > > >> Anything else I can/should do? > > > > Just move sshd to listen on a non-standard port and the annoyance will > > cease. > > > > Or just don't worry about it if you've disabled password authentication. > That keeps them busy trying hopelessly to get into your server instead > of attacking one that's truly vulnerable. If the sshd server isn't there to listen to an attack on port 22, sshd won't cut a failed login attempt to a log. The host level port filter will just quietly ignore the tcp connection request. Seems to work a treat. -- Todd H. http://www.toddh.net/