Re: SSH Cracking Attempts
On 10/01/04 00:20, Jacob S wrote:
At this point I'm thinking tarpitting may provide the more thorough yet
tailored approach, but I'm still in the process of doing research on it.
And, depending on how it works, these two different approaches may be
worth using in parallel.
Please post what your research finds. I've been intimidated by the
technicalities, and the contradictions, in /etc/ssh/sshd_config, man
sshd_config, man ssh, /etc/pam.d/ssh, etc.
For example, /etc/ssh/sshd_config default settings/comments seem to
contradict man sshd_config for Use PAM.
I trust my current settings for security on sshd, but the complexity of
it all is beyond me, and I'm reluctant to add the lines you suggest for
fear of breaking something I don't understand. The idea here was to be
a less attractive target, though I've tightened down most of the
settings pretty seriously already. No need to let anyone rattle the
door knob until they tire, rather send them on their way much sooner.
I'll be reading the thread to see what you discover!