Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: Choosing Secure Passwords / SSH Brute-Force Attacks

  1. #11
    Junior Member Newbie
    Join Date
    May 2007
    Posts
    2

    Default

    Just to add to the list, my favortite solution is DenyHosts (you'll have to Google it, since the forum sez I'm too much of a noob here to be allowed to post a url). This is especially nice if you are on the road a lot and are never sure where you will be logging in from (as opposed to having a couple of trusted ip's and denying everything else).

    This little script not only collects ip's after 3 (or however many) unsuccessful login attempts and denys them, but also optionally communicates with other DenyHosts daemons and synchronizes with their collection of ip's (spoofed as they may be).

    Of course, if you find that you have locked yourself out with this (happened to me in a hotel where the ip was on the list for some reason), you can just use webmin to rename your hosts.deny file long enough to log in and allow the ip. The script also gives you the satisfaction of sending you an email when it denys a new host.

    Anyway, no substitute for secure passwords, but it sure has cleaned up my logs and it's kinda fun.
    Last edited by oscarf; 05-25-2007 at 05:06 AM.

  2. #12
    Junior Member Newbie
    Join Date
    Apr 2007
    Posts
    23

    Default

    Also a really good way to deter attacks is to disable keyboard authentication and plaintext passwords. Right now I have it by key authentication only.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •