Security Basics mailing list archives
Re: SSH server under attack...
From: Josh Chaney <draino () gmail com>
Date: Tue, 24 Jan 2006 16:17:03 -0700
Lots of things you can do to prevent it from locking out accounts, but there's no real way to stop him from eating your bandwidth. Do the real users who SSH into this machine need access from outside of your local network? If they don't, just use iptables to block or drop any packets to that port from the outside. I believe the SSH configuration should allow you to do this as well. If they do, then you might want to look into using something like Snort to automate the blocking of IP addresses that are doing something they shouldn't be. --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- SSH server under attack... Dave (Jan 24)
- Message not available
- Re: SSH server under attack... Dave (Jan 25)
- Message not available
- Re: SSH server under attack... Josh Chaney (Jan 25)
- Re: SSH server under attack... Edward Krack (Jan 25)
- Re: SSH server under attack... Isaac Perez (Jan 25)
- Re: SSH server under attack... Juan Hernandez (Jan 29)
- Message not available
- Re: SSH server under attack... Dave (Jan 25)
- Re: SSH server under attack... Bryan S. Sampsel (Jan 26)
- Re: SSH server under attack... Dave (Jan 25)
- Re: SSH server under attack... Robert Larsen (Jan 25)
- Re: SSH server under attack... Ansgar -59cobalt- Wiechers (Jan 26)
- Re: SSH server under attack... Rembrandt (Jan 26)
- Re: SSH server under attack... Jason Mitchell (Jan 25)
- Re: SSH server under attack... Teemu A. (Jan 26)