Educause Security Discussion mailing list archives
Re: significant incoming SSH volume
From: Brian Epstein <bepstein () IAS EDU>
Date: Wed, 14 Apr 2010 16:09:38 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/16/2010 10:03 PM, Michael J. Wheeler wrote:
On some of our linux servers, we're using an open-source piece of software (the name escapes me at the moment, I'm not the unix/linux guy)
We've had good luck with fail2ban (maybe that's what you are using?) for these types of brute force attacks. I'm still trying to get a usable set of rules for our IPS to do this across the network. Thanks, ep - -- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Network and Security Officer Institute for Advanced Study Key fingerprint = 128A 38F4 4CFA 5EDB 99CE 4734 6117 4C25 0371 C12A -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvGIQIACgkQYRdMJQNxwSqh4ACgrQc4mw61Lz8cg2OykJghMfzm +KoAoLU1yvMGhnJF9+Btgs3uPlSJ52o5 =0Q6Z -----END PGP SIGNATURE-----
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Re: significant incoming SSH volume Brian Epstein (Apr 14)