[ILUG] SSH dictionary attacks.
colm at tuatha.org
Wed Aug 23 12:08:03 IST 2006
On 23 Aug 2006, at 11:54, Aine Douglas wrote:
> I'm getting sick of seeing log entries for SSH dictionary attacks, the
> latest coming in the middle of me watching a live log while trying to
> solve a problem.
One thing I've found extremely useful is the implementation of port
knocking; whereby the SSH port doesn't open up to a given client
until a connection attempt has been made to some other port. This is
easily-implementable using iptables (and is pretty well supported by
most iptables-generator systems such as Shorewall).
See http://www.shorewall.net/PortKnocking.html for more.
This doesn't answer your question, but might provide a different way
of solving your problem.
Colm Buckley / colm at tuatha.org / +353 87 2469146 / www.colm.buckley.name
More information about the ILUG