[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What to do about SSH brute force attempts?

Hash: SHA1

Michael Tautschnig wrote:

> Nevertheless, I'd like to do something about it more proactively, so I also
> contact the abuse mailboxes as obtained from whois. 

Thats pretty much the only thing you can do about it. But one should not
be too hopeful that ISPs do something against it. There are only few
abuse-desks who act upon abuse messages. My hope would be that ISPs
start to close down accounts of customers with bots on their computer
and only let them go back online after the customer has taken a basic
class in computer-security. But that's a dream not coming true.

> Further, what do you guys do about such attacks? Just sit back and hope they
> don't get hold of any passwords? Any ideas are welcome...

I'm using fail2ban to adjust my firewall-rules and my systems are
configured to only accept Key-authentication. That way, an attacker has
to get hold of my key AND passphrase.

Greetings, Andreas Moog
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Reply to: