Date: Tue, 7 Oct 2008 03:14:31 +0200 (CEST) From: sk@elegosoft.com To: "Eitan Adler" <eitanadlerlist@gmail.com> Cc: freebsd-current@freebsd.org Subject: Re: SSH Brute Force attempts Message-ID: <5073.82.41.242.250.1223342071.squirrel@mail.elegosoft.com> In-Reply-To: <48E829D6.1000902@gmail.com> References: <48E16E93.3090601@gmail.com> <48E4368E.4020404@gmail.com> <4046.82.41.242.250.1223173482.squirrel@mail.elegosoft.com> <48E829D6.1000902@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> sk@elegosoft.com wrote: mornin' > Rich Healey wrote: > Recently I'm getting a lot of brute force attempts on my server, in > the past I've used various tips and tricks with linux boxes but many of > them were fairly linux specific. > disable pasword authentication OR use very strong passwords (24 chars) > OR use OTP >> if it is applicable you could limit access by hosts (from=) >> nothing of the above is linux or BSD specific >> btw. Software to delay Login Attempts could be tricked. > Which software? how? I was talking fail2ban http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4321 http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=denyhosts regards Stefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5073.82.41.242.250.1223342071.squirrel>