Date: Fri, 8 Oct 2004 00:04:52 -0500 From: Vulpes Velox <v.velox@vvelox.net> To: Dave McCammon <davemac11@yahoo.com> Cc: LukeD@pobox.com Subject: Re: Protecting SSH from brute force attacks Message-ID: <20041008000452.1833b2b4@vixen42.24-119-122-191.cpe.cableone.net> In-Reply-To: <20041008024622.75972.qmail@web41410.mail.yahoo.com> References: <20041007192349.36120317@vixen42.24-119-122-191.cpe.cableone.net> <20041008024622.75972.qmail@web41410.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 7 Oct 2004 19:46:22 -0700 (PDT) Dave McCammon <davemac11@yahoo.com> wrote: > Following the advice from here: > http://isc.sans.org//diary.php?date=2004-09-11. > > What I did was to only allow access to one machine > through my firewall for the ssh connections (ipfw > limit). 2 per source address. > And, for that one machine, I changed the sshd port to > a different number. > I was getting the same brute force attacks but they > have dropped to nil since. Yeah, I don't think I have ever seen one on mine ever since I moved it behind nat and forwarded it from a odd port.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041008000452.1833b2b4>