Security Incidents mailing list archives

Re: SSH attacks?

From: "Pieter-Bas IJdens" <pieter-bas () ijdens com>
Date: Thu, 29 Jul 2004 11:21:33 +0200 (CEST)

  Only after the first playround the test/guest attempts started so
  I was starting to think that whoever was probing my host from Korea
  was probably going with that. Now that my host is out of focus, I'm
  really relieved. :-)


If you are so worried about SSH security who don't you just  run sshd on a
non-standard port. Ever since I moved all externally listening ssh daemons
to a different port I didn't get any ssh probes anymore (obviously). Got
rid of all these ssh-worm attacks (good old days) in a second, and I
personally don't mind supplying people a port number with their
username/password. The same can be done for many other services that are
not port-bound. Kindof takes the fun out of automated subnet scans.

  Pieter-Bas

Current thread:

SSH attacks? Robin (Jul 27)
- Re: SSH attacks? Tobias Rice (Jul 27)
  - Re: SSH attacks? Chris Brenton (Jul 28)
- Re: SSH attacks? Josh Tolley (Jul 27)
- Re: SSH attacks? Chris Brown (Jul 27)
- Re: SSH attacks? Adam Young (Jul 27)
  - Re: SSH attacks? Christine Kronberg (Jul 29)
    - Re: SSH attacks? Pieter-Bas IJdens (Jul 29)
    - Re: SSH attacks? Christine Kronberg (Jul 29)
    - Re: SSH attacks? Pieter-Bas IJdens (Jul 30)
    - Re: SSH attacks? Frank Knobbe (Jul 30)
    - Re: SSH attacks? Jay D. Dyson (Jul 30)
    - Re: SSH attacks? Frank Knobbe (Jul 31)
    - Re: SSH attacks? mgotts (Jul 31)
    - Re: SSH attacks? Steve Schuster (Jul 29)
    - Re: SSH attacks? Merlijn Tishauser (Jul 30)
- Re: SSH attacks? Tom Laermans (Jul 27)
- Re: SSH attacks? buzz (Jul 27)

(Thread continues...)