Mailinglist Archive: opensuse (1503 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: John Andersen <jsamyth@xxxxxxxxx>
  • Date: Sat, 03 Oct 2009 17:02:29 -0700
  • Message-id: <4AC7E615.5070705@xxxxxxxxx>
Per Jessen wrote:
Roger Oberholtzer wrote:

On Sat, 2009-10-03 at 17:27 +0200, Hans Witvliet wrote:


hence i would recommend using keys and disable all password-logins.
Other suggestion, use a VPN.
My ssh access is password protected. It is not so much that someone
gets in (although I keep an eye open), but rather all the attempts eat
resources.

Roger, that's almost certainly the first time I've heard anyone say
that - I couldn't care less about the resources wasted by ssh brute
force attacks (as long as they're not actually denial-of-service), but
I care a lot about anyone getting in.


/Per


I'm pretty sure you misinterpreted what Roger said.

He meant that his passwords are secure enough for his purposes.

All automated ssh attacks are looking for totally insanely simple
passwords, like "password".

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >