Mailinglist Archive: opensuse (1570 mails)
| < Previous | Next > |
Re: [opensuse] Coordinated, distributed ssh attacks?
- From: Roger Oberholtzer <roger@xxxxxx>
- Date: Mon, 05 Oct 2009 00:05:51 +0200
- Message-id: <1254693951.20306.8.camel@mantis>
On Sun, 2009-10-04 at 19:02 +0200, Per Jessen wrote:
The system that allows ssh access has only a few accounts. The few
passwords that exist are controlled and less than obvious. Perhaps they
might be found in a Martian dictionary. And it would have to be one of
the dead Martial languages you don't hear very often these days. I am
not trying to be cocky or over confident. I just wanted to point out
that the machine that is being attacked has little in the way of
accounts with simple minded passwords. Aside from ssh, it is a web
gateway to one specific internal machine, also with limited user
accounts and great control over passwords. Of course, no machine is
impregnable.
I think I will be moving sshd to another less-obvious port.
--
Roger Oberholtzer
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
John Andersen wrote:
Per Jessen wrote:
Roger Oberholtzer wrote:
On Sat, 2009-10-03 at 17:27 +0200, Hans Witvliet wrote:
My ssh access is password protected. It is not so much that someone
hence i would recommend using keys and disable all password-logins.
Other suggestion, use a VPN.
gets in (although I keep an eye open), but rather all the attempts
eat resources.
Roger, that's almost certainly the first time I've heard anyone say
that - I couldn't care less about the resources wasted by ssh brute
force attacks (as long as they're not actually denial-of-service),
but I care a lot about anyone getting in.
The system that allows ssh access has only a few accounts. The few
passwords that exist are controlled and less than obvious. Perhaps they
might be found in a Martian dictionary. And it would have to be one of
the dead Martial languages you don't hear very often these days. I am
not trying to be cocky or over confident. I just wanted to point out
that the machine that is being attacked has little in the way of
accounts with simple minded passwords. Aside from ssh, it is a web
gateway to one specific internal machine, also with limited user
accounts and great control over passwords. Of course, no machine is
impregnable.
I think I will be moving sshd to another less-obvious port.
--
Roger Oberholtzer
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |