X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Message-ID: <dd3cefac0802171653m6c0e4b9fu725d080761ab6830@mail.gmail.com>
Date: Mon, 18 Feb 2008 00:53:32 +0000
From: "Adam Thompson" <adwulf AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Stop Brute Force Attack on SSH
In-Reply-To: <47b8d665.02fd220a.6f30.11eb@mx.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <47b8d665 DOT 02fd220a DOT 6f30 DOT 11eb AT mx DOT google DOT com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On 18/02/2008, Kyle Dawson <kyle DOT a DOT dawson AT gmail DOT com> wrote:
> How can I stop attacks on my ssh demon?   I see thousands of attempts every
> day.  I have, I believe good password policy but since I have clients,  not
> 100% sure.  Is there some config that  I can set?  One ip address comes in
> and tries for a day or so.  Can it see that it is the same ip and just
> deny?  Any tools that can help?
>
>
I have changed the port that my ssh daemon runs on.

Security through obscurity may be no security at all - but tell that
to my logfiles!


-- 
AdamT
"I've had death threats - well, OK, a petition."
 - Jack Dee

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/