Full Disclosure mailing list archives
Re: Distributed SSH username/password brute forceattack
From: A.L.M.Buxey () lboro ac uk
Date: Mon, 22 Oct 2007 21:34:19 +0100
Hi,
Oct 22 20:36:13 nms sshd[90657]: Failed password for invalid user gopher from 77.46.152.2 port 55120 ssh2
user/password authentication for SSH? one way of cleaning up your logs and killing this type of attack is to reconfigure your OpenSSH to only allow key based logins. stopped my 10M+ logfiles straight away (then the apache attacks were easier to see too ;-) ) alan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Distributed SSH username/password brute force attack Philipp (Oct 22)
- Re: Distributed SSH username/password brute forceattack cybergoth (Oct 22)
- Re: Distributed SSH username/password brute forceattack Valery Marchuk (Oct 22)
- Re: Distributed SSH username/password brute forceattack A . L . M . Buxey (Oct 22)
- Re: Distributed SSH username/password brute forceattack Anders B Jansson (Oct 22)
- Re: Distributed SSH username/password brute forceattack nocfed (Oct 23)
- Re: Distributed SSH username/password brute forceattack Vincent Archer (Oct 24)
- Re: Distributed SSH username/password brute forceattack A . L . M . Buxey (Oct 22)