From owner-freebsd-current@FreeBSD.ORG Sun Oct 5 12:34:12 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C68DD1065695 for ; Sun, 5 Oct 2008 12:34:12 +0000 (UTC) (envelope-from eculp@encontacto.net) Received: from ns2.bafirst.com (72-12-2-19.static.networktel.net [72.12.2.19]) by mx1.freebsd.org (Postfix) with ESMTP id 774ED8FC12 for ; Sun, 5 Oct 2008 12:34:12 +0000 (UTC) (envelope-from eculp@encontacto.net) Received: from HOME.encontacto.net ([189.190.8.164]) by ns2.bafirst.com with esmtp; Sun, 05 Oct 2008 07:34:10 -0500 id 000D528F.48E8B442.000150F3 Received: from localhost (localhost [127.0.0.1]) (uid 80) by HOME.encontacto.net with local; Sun, 05 Oct 2008 07:34:09 -0500 id 0004AC1E.48E8B441.000162B8 Received: from dsl-189-190-8-164.prod-infinitum.com.mx (dsl-189-190-8-164.prod-infinitum.com.mx [189.190.8.164]) by econet.encontacto.net (Horde Framework) with HTTP; Sun, 05 Oct 2008 07:34:09 -0500 Message-ID: <20081005073409.62441itn43jvde80@econet.encontacto.net> Date: Sun, 05 Oct 2008 07:34:09 -0500 From: eculp To: freebsd-current@freebsd.org References: <48E16E93.3090601@gmail.com> <48E4368E.4020404@gmail.com> <4046.82.41.242.250.1223173482.squirrel@mail.elegosoft.com> In-Reply-To: <4046.82.41.242.250.1223173482.squirrel@mail.elegosoft.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (5.0-cvs) X-Remote-Browser: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.17) Gecko/20080925 Firefox/2.0.0.17 X-IMP-Server: 189.190.8.164 X-Originating-IP: 189.190.8.164 X-Originating-User: eculp@encontacto.net Subject: Re: SSH Brute Force attempts X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Oct 2008 12:34:12 -0000 Quoting sk@elegosoft.com: > mornin' > > Rich Healey wrote: >>> Recently I'm getting a lot of brute force attempts on my server, in the >>> past I've used various tips and tricks with linux boxes but many of them >>> were fairly linux specific. > > > disable pasword authentication OR use very strong passwords (24 chars) > OR use OTP > > if it is applicable you could limit access by hosts (from=3D) > > nothing of the above is linux or BSD specific > > btw. Software to delay Login Attempts could be tricked. > >> Personally I find that changing the port to anything other than 22 stops >> a lot of the skiddie brute force attacks. Thats not to say you >> shouldn't use something else as well - but it is something. > > it works for one of my servers too, but is security by obscurity It worked for me also but in addition I have started accepting ssh =20 from only known ip's but I always have a server with a known ip that =20 uses an alternative port for ssh that I can access from, lets say an =20 internet cafe or like, and then triangle to the server that I'm really =20 interested in. Hope that makes some sense. ed > > regards > Stefan > > > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" >