Security Tip: Defending against brute force ssh attacks

UnderpaidLoveMonki @ 10:04 pm June 6th, 2007

Samhain Labs published an article on defending against brute force ssh attacks. It is very good and informative for those who have computers connected to the Internet with ssh enabled.

This entry was posted on Wednesday, June 6th, 2007 at 10:04 pm and is filed under Linux, Security, UnderpaidLoveMonki. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Security Tip: Defending against brute force ssh attacks”

Scott Rippee Says:
June 7th, 2007 at 11:33 pm
Ahhhh very interesting. I especially like the knockd trick.

I can’t believe that they didn’t mention:

1. Never run sshd on port 22. Autonomous bots will always find you and run through large sets of passwords trying to break in. I’ve seen my server logging hundreds upon hundreds of these a day. Every client allows port specification, so take advantage of it.

2. There is no reason to leave sshd and other personal services sitting out there visible to the public. Setup a VPN, it’s not so tough. Bind your non public services to only the VPN address.

Security Tip: Defending against brute force ssh attacks

One Response to “Security Tip: Defending against brute force ssh attacks”

Leave a Reply