Date: Mon, 09 Aug 2010 23:20:26 -0700
From: Chuck Swiger <cswiger@mac.com>
To: Matt Emmerton <matt@gsicomp.on.ca>
Cc: questions@freebsd.org
Subject: Re: ssh under attack - sessions in accepted state hogging CPU
Message-ID: <0EBB2174-57FA-4FE9-981F-14A47FD6F0F0@mac.com>
In-Reply-To: <ED433058084C4B0FAE9C516075BF0440@hermes>
References: <ED433058084C4B0FAE9C516075BF0440@hermes>

Hi, Matt--

On Aug 9, 2010, at 8:13 PM, Matt Emmerton wrote:
> I'm in the middle of dealing with a SSH brute force attack that is relentless. I'm working on getting sshguard+ipfw in place to deal with it, but in the meantime, my box is getting pegged because sshd is accepting some connections which are getting stuck in [accepted] state and eating CPU.
>
> I know there's not much I can do about the brute force attacks, but will upgrading openssh avoid these stuck connections?

If I wasn't allowed to require that in order to SSH to arbitrary internal machines one would need to do a VPN session, the second choice would be to install the openssh port with tcpwrappers support + denyhosts.

Regards,
--
-Chuck