Les Mikesell wrote:
> On Wed, Nov 30, 2011 at 12:05 PM, m.roth@5-cent.us wrote:
>> Are your root passwords strong?
>
> I've always wondered why something as complex as sshd doesn't do anything to protect you from the simplest form of attack - like rate-limiting failed attempts.

Well, it does take time to respond to failed passwords, in my experience.
From the example in the Kaspersky Labs post, either they tried over a period of time (low-level persistent threat), or it was a stupidly weak password (or had never been changed).
We also run fail2ban; that slows them down a *lot* more.
mark