Firewall Wizards mailing list archives
Re: RE: SSH brute force attack
From: Mark Ness <noneinc () gte net>
Date: Tue, 19 Jul 2005 11:38:50 -0700
I have seen lots of views on this subject, and if your security is good, the chances of any of these attacks getting in are minimal, but the possibility is there, and, since these are not customers viewing our home pages, but deliberate attempts at a login through ssh where they have no business trying to l login in the first place (many of them attempts at root) they are only interested in breaking in for whatever purpose, who knows. Maybe just for the challenge? Maybe to hijack your box? Maybe ID theft?
Brian Loe wrote:
Kind of risk losing customer access taking this route, don't you? For that matter, shouldn't some security group focus on chasing down the criminals?Curious on the group's take.-----Original Message-----From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Mark NessSent: Saturday, July 09, 2005 11:51 PM To: firewall-wizards () honor icsalabs com Subject: [fw-wiz] RE: SSH brute force attack Mathew Want wrote:I would like to hear any suggestions or thoughts anyone mayhave on this.... There is a script to blacklist Illegal attacks at http://www.bwongar.com/articles/105
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: SSH brute force attack Paul Melson (Jul 01)
- <Possible follow-ups>
- Re: SSH brute force attack Mark Tinberg (Jul 01)
- RE: SSH brute force attack Mathew Want (Jul 01)
- Re: SSH brute force attack David Ross (Jul 05)
- Re: SSH brute force attack Marko Jakovljevic (Jul 06)
- RE: SSH brute force attack Mark Ness (Jul 18)
- Re: RE: SSH brute force attack Mark Ness (Jul 21)
- Re: RE: SSH brute force attack Christine Kronberg (Jul 21)