Security Basics mailing list archives
Re: Brute force attacks
From: "Eric Stacey" <ejstacey () joyrex net>
Date: Thu, 31 May 2007 15:15:29 -0500
If you're talking about ssh brute-force attacks, you can stop/lessen them a couple ways. - Use key-based authentication only. - Implement something like DenyHosts ( http://denyhosts.sourceforge.net/ ) and don't typo too many times (and have a backup way in). -Eric
On 5/31/07, Ali, Saqib < docbook.xml () gmail com> wrote: > Brute force attack are common. I get tons of them every day. There is > not much you can do. > > saqib > http://www.full-disk-encryption.net > > On 5/31/07, Mohamad Mneimneh <Mohamad.Mneimneh () dargroup com > wrote: > > Hi List, > > > > I've been experiencing brute force dictionary attacks from various > > sources against my gateway. The attacker is trying all kinds of > > username/password combinations to get in. > > > > I have traced the source IP addresses on internet authorities such as > > Ripe, Arin & Apnic; the feedback I get is that "Country is really world > > wide". I then traced the IPs using visual route, and saw that their > > locations vary widely; some of them are in the US, some in China, others > > in Poland... > > > > What are my options in such a case? Have you ever experienced such a > > behavior? And what are the best practices that apply? > > > > Thank you, > > > > -Mohamad. > > > > > -- > Saqib Ali, CISSP, ISSAP > http://www.full-disk-encryption.net >
Current thread:
- Brute force attacks Mohamad Mneimneh (May 31)
- Re: Brute force attacks Ali, Saqib (May 31)
- Message not available
- Re: Brute force attacks Eric Stacey (May 31)
- Message not available
- Re: Brute force attacks David Bergert (May 31)
- Re: Brute force attacks Ali, Saqib (May 31)
- Re: Brute force attacks Manuel Arostegui Ramirez (May 31)
- <Possible follow-ups>
- Re: Brute force attacks krymson (May 31)