From owner-freebsd-current@FreeBSD.ORG Sun Oct 5 20:21:55 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0DD5C106568B for ; Sun, 5 Oct 2008 20:21:55 +0000 (UTC) (envelope-from rik@inse.ru) Received: from mail.inse.ru (mail.inse.ru [144.206.128.1]) by mx1.freebsd.org (Postfix) with ESMTP id BB47A8FC20 for ; Sun, 5 Oct 2008 20:21:54 +0000 (UTC) (envelope-from rik@inse.ru) Received: from www.inse.ru (www.inse.ru [144.206.128.1]) by mail.inse.ru (Postfix) with ESMTPSA id ACBC533C51; Mon, 6 Oct 2008 00:21:53 +0400 (MSD) Message-ID: <48E920FC.50005@localhost.inse.ru> Date: Mon, 06 Oct 2008 00:18:04 +0400 From: Roman Kurakin User-Agent: Thunderbird 2.0.0.16 (X11/20080723) MIME-Version: 1.0 To: eculp References: <48E16E93.3090601@gmail.com> <48E4368E.4020404@gmail.com> <4046.82.41.242.250.1223173482.squirrel@mail.elegosoft.com> <20081005073409.62441itn43jvde80@econet.encontacto.net> In-Reply-To: <20081005073409.62441itn43jvde80@econet.encontacto.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org Subject: Re: SSH Brute Force attempts X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Oct 2008 20:21:55 -0000 eculp wrote: > Quoting sk@elegosoft.com: > >> mornin' >> >> Rich Healey wrote: >>>> Recently I'm getting a lot of brute force attempts on my server, in >>>> the >>>> past I've used various tips and tricks with linux boxes but many of >>>> them >>>> were fairly linux specific. >> >> >> disable pasword authentication OR use very strong passwords (24 chars) >> OR use OTP >> >> if it is applicable you could limit access by hosts (from=) >> >> nothing of the above is linux or BSD specific >> >> btw. Software to delay Login Attempts could be tricked. >> >>> Personally I find that changing the port to anything other than 22 >>> stops >>> a lot of the skiddie brute force attacks. Thats not to say you >>> shouldn't use something else as well - but it is something. >> >> it works for one of my servers too, but is security by obscurity > > It worked for me also but in addition I have started accepting ssh > from only known ip's but I always have a server with a known ip that > uses an alternative port for ssh that I can access from, lets say an > internet cafe or like, and then triangle to the server that I'm really > interested in. Hope that makes some sense. From internet cafe? And what about key-loggers? ;-) rik > > ed >> >> regards >> Stefan >> >> >> _______________________________________________ >> freebsd-current@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-current >> To unsubscribe, send any mail to >> "freebsd-current-unsubscribe@freebsd.org" >> > > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to > "freebsd-current-unsubscribe@freebsd.org"