Re: Logging passwords of SSH attacks

To: debian-user@lists.debian.org
Subject: Re: Logging passwords of SSH attacks
From: André Neves <andrechalella@gmail.com>
Date: Fri, 16 Jan 2009 17:54:45 -0200
Message-id: <[🔎] 69252e670901161154y1456be6ap94f3cde20e4bfe50@mail.gmail.com>
In-reply-to: <[🔎] 4970C272.3080706@lorentz.leidenuniv.nl>
References: <[🔎] 880dece00901151010m6322cf14if12d15939ba276be@mail.gmail.com> <[🔎] 20090116132458.GA11912@grassfield.co.uk> <[🔎] 880dece00901160804n1cb04b0bt4562e13b3be26dd7@mail.gmail.com> <[🔎] 4970BC63.1010203@lorentz.leidenuniv.nl> <[🔎] 880dece00901160916o3b5ed779o94901d5ab97f5412@mail.gmail.com> <[🔎] 4970C272.3080706@lorentz.leidenuniv.nl>

On Fri, Jan 16, 2009 at 15:22, Sjoerd Hardeman
<sjoerd@lorentz.leidenuniv.nl> wrote:
> But, wouldn't it be wise to run a honeypot on port 22, and a real ssh on a completely different port? Of course a good user/password choice isn't easily brute-forced, but not running a real ssh as a honeypot seems far more secure to me.

I strongly second this recommendation.

André

Reply to:

References:
- Logging passwords of SSH attacks
  - From: "Dotan Cohen" <dotancohen@gmail.com>
- Re: Logging passwords of SSH attacks
  - From: gavin@grassfield.co.uk (Gavin Elliot Jones)
- Re: Logging passwords of SSH attacks
  - From: "Dotan Cohen" <dotancohen@gmail.com>
- Re: Logging passwords of SSH attacks
  - From: Sjoerd Hardeman <sjoerd@lorentz.leidenuniv.nl>
- Re: Logging passwords of SSH attacks
  - From: "Dotan Cohen" <dotancohen@gmail.com>
- Re: Logging passwords of SSH attacks
  - From: Sjoerd Hardeman <sjoerd@lorentz.leidenuniv.nl>

Prev by Date: Thin clients
Next by Date: RE: Retrieving a bios updater from ibm.com
Previous by thread: Re: Logging passwords of SSH attacks
Next by thread: Re: Logging passwords of SSH attacks
Index(es):
- Date
- Thread