Date: Mon, 3 Oct 2005 06:49:37 -0700 From: Randy Bush <randy@psg.com> To: Brett Glass <brett@lariat.org> Cc: freebsd-security@freebsd.org, Daniel Gerzo <danger@rulez.sk> Subject: Re: Repeated attacks via SSH Message-ID: <17217.14065.212429.584572@roam.psg.com> References: <6.2.3.4.2.20051002153930.07a50528@localhost> <1048266117.20051003001242@rulez.sk> <6.2.3.4.2.20051002162545.08f66558@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
> Of course, the problem is that if you need to get access in an > emergency from who-knows-where, you're pretty much stuck with > passwords unless you have a token system or a one time password > system (e.g. S/Key). (Which reminds me: Anyone have a good S/Key > implementation for the Palm Pilot?) sshv2 with keys for palm at <http://shrug.csl.uiuc.edu/~sachs/palm/>. works great on my treo 650. if at all possible, just don't allow passwords the ssh root and dict attacks have been going on for long over a year. some days we see more than 25,000 per target host, occasionally 100,000. it's so common that i started to grep it out of log reports ages ago. randy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17217.14065.212429.584572>