Date: Mon, 13 Nov 2006 21:16:35 +0100 From: Erik Norgaard <norgaard@locolomo.org> To: "Leo L. Schwab" <ewhac@best.com> Cc: freebsd-questions@freebsd.org Subject: Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong? Message-ID: <4558D2A3.50904@locolomo.org> In-Reply-To: <20061113060528.GA7646@best.com> References: <20061113060528.GA7646@best.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Leo L. Schwab wrote: > I recently installed FreeBSD 6.1 on my gateway. It replaced an > installation of FreeBSD 4.6.8 (fresh install, not an upgrade) on which I had > disabled the SSH server. Since all the bugs in SSH are fixed now ( :-) ), I > thought I'd leave the server on, and am somewhat dismayed to discover that I > now get occasional brute-force/dictionary attacks on the port. Whichever service you have running, if you look in the log you will find attempts of attack, ssh is no different, it's a target. Honestly, I wouldn't worry about it: review your config and make some simple choices to reduce the noise, see this article: http://www.securityfocus.com/infocus/1876 Rather than reposting myself - this issue is regularly debated, I think last time (or last time I participated) was debated 19-09-2006. Check the archive. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4558D2A3.50904>