Mail Archives: cygwin/2008/02/17/20:42:51

X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
To: <cygwin AT cygwin DOT com>
References: <47b8d665 DOT 02fd220a DOT 6f30 DOT 11eb AT mx DOT google DOT com> <47B8DA84 DOT 4030206 AT highlandsun DOT com>
In-Reply-To: <47B8DA84.4030206@highlandsun.com>
Subject: RE: Stop Brute Force Attack on SSH
Date: Sun, 17 Feb 2008 19:41:46 -0600
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 12.0
From: "Kyle A. Dawson" <kyle DOT a DOT dawson AT gmail DOT com>
Message-ID: <47b8e25f.2cf0220a.4d59.2e70@mx.google.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Yes, currently I disable root, disable password, (only allow keys).  The one
idea I had as a last resort was to change the port from 22.  Doing this
would require all users to update their client side.  I was hoping to make a
change on the server, some software that could help protect ssh.



-----Original Message-----
From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com] On Behalf Of
Howard Chu
Sent: Sunday, February 17, 2008 7:08 PM
To: cygwin AT cygwin DOT com
Subject: Re: Stop Brute Force Attack on SSH

Kyle Dawson wrote:
> How can I stop attacks on my ssh daemon?  I see thousands of attempts every
> day.  I have, I believe, good password policy but since I have clients, not
> 100% sure.  Is there some config that I can set?  One IP address comes in
> and tries for a day or so.  Can it see that it is the same IP and just
> deny?  Any tools that can help?

I see the same thing once in a while. I've wanted an option for this as well.
Sometimes I black-hole the offending IP address so I don't have to see the
failures in the log files any more.

In the meantime, I just disable password-based logins, and require everyone to
use a public key.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
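
Added example, not part of either message above: one way to answer "can it see that it is the same IP" is to count failure lines per source address in the sshd log over a sliding time window. The log line shapes are the usual OpenSSH syslog ones; the host name, addresses, thresholds and the `offenders` helper are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Failure lines in the shape OpenSSH's sshd writes to syslog. One login
# attempt can produce more than one such line, so this counts log events.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?:Failed password for (?:invalid user )?\S+|Invalid user \S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3})\b"
)

def offenders(lines, threshold=5, window_s=600, year=2008):
    """Map each IP that logged >= threshold failures within window_s
    seconds to the time it crossed the threshold (hypothetical helper)."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue              # successful logins, other daemons
        # Syslog timestamps carry no year, so one is assumed.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()           # drop failures older than the window
        if len(q) >= threshold:
            flagged.setdefault(m["ip"], ts)
    return flagged

# Constructed sample log; addresses are from the documentation ranges.
SAMPLE = """\
Feb 17 19:30:01 host sshd[1201]: Invalid user admin from 203.0.113.5
Feb 17 19:30:03 host sshd[1202]: Invalid user test from 203.0.113.5
Feb 17 19:30:05 host sshd[1203]: Failed password for root from 203.0.113.5 port 40112 ssh2
Feb 17 19:30:09 host sshd[1204]: Invalid user oracle from 203.0.113.5
Feb 17 19:31:00 host sshd[1205]: Accepted publickey for kyle from 198.51.100.7 port 50022 ssh2
Feb 17 19:31:10 host sshd[1206]: Invalid user guest from 203.0.113.5
Feb 17 19:45:00 host sshd[1207]: Invalid user bob from 198.51.100.9
Feb 17 20:15:00 host sshd[1208]: Invalid user bob from 198.51.100.9
""".splitlines()

if __name__ == "__main__":
    for ip, when in offenders(SAMPLE).items():
        print(f"{ip} reached the threshold at {when}")
```

The returned addresses are candidates for the kind of black-holing described in the reply; how they are blocked depends on the firewall in use.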


