[CentOS] sshd hack

Jim Perrin jperrin at gmail.com
Fri Mar 10 21:43:48 UTC 2006


On 3/10/06, Chris Mauritz <chrism at imntv.com> wrote:
> I'm not really a programmer and I recently came across this hack to
> insert a short sleep statement into auth-passwd.c within sshd.  It seems
> to quickly confuse automated dictionary attacks.  I've moved sshd to
> higher ports but apparently the cretins are now scanning to look for
> that and attacking on whatever port sshd shows up on.
>
> Anyway, the link to the hack is here:
>
> http://www.aerospacesoftware.com/ssh-kiddies.html
>
> Just wondering if any of the wizened programmers out there can think of
> any reason why this would be a bad thing to do.

Messing with sshd source isn't something I'm ready to play around
with. I'd rather farm it out to a 3rd party wrapper like denyhosts to
block this crap.

--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety''
Benjamin Franklin 1775



More information about the CentOS mailing list