From owner-freebsd-questions@FreeBSD.ORG Mon Nov 13 11:07:53 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B6AE16A407 for ; Mon, 13 Nov 2006 11:07:53 +0000 (UTC) (envelope-from gerard@seibercom.net) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.230]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5E2A843D5C for ; Mon, 13 Nov 2006 11:07:52 +0000 (GMT) (envelope-from gerard@seibercom.net) Received: by wx-out-0506.google.com with SMTP id s18so1070887wxc for ; Mon, 13 Nov 2006 03:07:51 -0800 (PST) Received: by 10.70.32.10 with SMTP id f10mr9573229wxf.1163416068259; Mon, 13 Nov 2006 03:07:48 -0800 (PST) Received: from scorpio.seibercom.net ( [67.189.184.224]) by mx.google.com with ESMTP id h39sm10273146wxd.2006.11.13.03.07.47; Mon, 13 Nov 2006 03:07:48 -0800 (PST) Received: from scorpio.seibercom.net (localhost [127.0.0.1]) by scorpio.seibercom.net (Postfix) with ESMTP id B90ABBBBD; Mon, 13 Nov 2006 06:07:46 -0500 (EST) Received: from [192.168.0.4] (boss.seibercom.net [192.168.0.4]) (Authenticated sender: gerard@scorpio.seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTP id 23F64BBA0; Mon, 13 Nov 2006 06:07:46 -0500 (EST) Date: Mon, 13 Nov 2006 06:08:03 -0500 From: Gerard Seibert To: User Questions Organization: Seibercom.NET In-Reply-To: <455836A2.6010004@gmx.net> References: <20061113060528.GA7646@best.com> <455836A2.6010004@gmx.net> X-Face: "\j?x](l|]4p?-1Bf@!wN<&p=$.}^k-HgL}cJKbQZ3r#Ar]\%U(#6}'?<3s7%(%(gxJxxcR nSNPNr*/^~StawWU9KDJ-CT0k$f#@t2^K&BS_f|?ZV/.7Q Message-Id: <20061113060356.E202.GERARD@seibercom.net> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Mailer: Becky! ver. 2.28 [en] X-Virus-Scanned: ClamAV using ClamSMTP Cc: "Leo L. Schwab" , Frank Staals Subject: Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: User Questions List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Nov 2006 11:07:53 -0000 On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote: > I had the same 'problem'. As said it's not realy a problem since FreeBSD > will hold just fine if you don't have any rather stupid user + pass > combinations. ( test test or something like that ) Allthough I thought > it was annoying that my intire log was clouded with those brute force > attacks so I just set sshd to listen at an other port then 22. Maybe > that's a acceptable solusion for you ? You can change the ssd port in > /etc/ssh/sshd_config Security through obscurity is a bad idea. Rather, use SSH key based authentication exclusively. Turn off all of the password stuff in sshd_config. Laugh at the poor fools trying to break in. -- Gerard Mail from '@gmail' is rejected and/or discarded here. Don't waste your time!