From owner-freebsd-questions@FreeBSD.ORG Mon Nov 13 15:22:38 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6ED1516A403 for ; Mon, 13 Nov 2006 15:22:38 +0000 (UTC) (envelope-from frankstaals@gmx.net) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id EB2DD43D7F for ; Mon, 13 Nov 2006 15:11:17 +0000 (GMT) (envelope-from frankstaals@gmx.net) Received: (qmail invoked by alias); 13 Nov 2006 15:11:15 -0000 Received: from ip176-173-59-62.adsl.versatel.nl (EHLO [192.168.2.5]) [62.59.173.176] by mail.gmx.net (mp037) with SMTP; 13 Nov 2006 16:11:15 +0100 X-Authenticated: #25365336 Message-ID: <45588B16.4070502@gmx.net> Date: Mon, 13 Nov 2006 16:11:18 +0100 From: Frank Staals User-Agent: Thunderbird 1.5.0.4 (X11/20060706) MIME-Version: 1.0 To: User Questions References: <20061113060528.GA7646@best.com> <455836A2.6010004@gmx.net> <20061113060356.E202.GERARD@seibercom.net> In-Reply-To: <20061113060356.E202.GERARD@seibercom.net> X-Y-GMX-Trusted: 0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: "Leo L. Schwab" Subject: Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Nov 2006 15:22:38 -0000 Gerard Seibert wrote: > On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote: > > > >> I had the same 'problem'. As said it's not realy a problem since FreeBSD >> will hold just fine if you don't have any rather stupid user + pass >> combinations. ( test test or something like that ) Allthough I thought >> it was annoying that my intire log was clouded with those brute force >> attacks so I just set sshd to listen at an other port then 22. Maybe >> that's a acceptable solusion for you ? You can change the ssd port in >> /etc/ssh/sshd_config >> > > Security through obscurity is a bad idea. Rather, use SSH key based > authentication exclusively. Turn off all of the password stuff in > sshd_config. Laugh at the poor fools trying to break in. > > > The point is it isn't security through obscurity: as allready pointed out, FreeBSD & sshd can withstand those brute force attacks without much of a problem so there is no security problem, the only thing is those brute force attacks are anoying since they cloud authd.log If those attacks WERE a problem, or if there was a system which you could log in without user & pass if you would find out the correct port then, but only then, it is a bad idea .... -- -Frank Staals