[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What to do about SSH brute force attempts?

> * Michael Tautschnig <mt@debian.org> [2008-08-21 07:35-0400]:
> > Hi all,
> > 
> > since two days (approx.) I'm seeing an extremely high number of apparently
> > coordinated (well, at least they are trying the same list of usernames) brute
> > force attempts from IP addresses spread all over the world. I've got denyhosts
> > and an additional iptables based firewall solution in place to mitigate these
> > since quite some time already and this seems to do the trick in terms of
> > blocking them fairly quickly.
> I hope you are aware that its very trivial for a non-privileged user
> on your system to issue a logger command to trigger a denyhosts DOS to
> lock out anyone they want.

Hmm, no, not really - how would that work?


Attachment: pgpwxyliarpjk.pgp
Description: PGP signature

Reply to: