10 Mar
2006
10 Mar
'06
10:32 p.m.
I'm not really a programmer and I recently came across this hack to insert a short sleep statement into auth-passwd.c within sshd. It seems to quickly confuse automated dictionary attacks. I've moved sshd to higher ports but apparently the cretins are now scanning to look for that and attacking on whatever port sshd shows up on.
Anyway, the link to the hack is here:
http://www.aerospacesoftware.com/ssh-kiddies.html
Just wondering if any of the wizened programmers out there can think of any reason why this would be a bad thing to do.
Cheers,