Do a search for "ssh-faker" - I've found this very effective.
Daveh
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jim Perrin Sent: 10 March 2006 21:44 To: CentOS mailing list Subject: Re: [CentOS] sshd hack
On 3/10/06, Chris Mauritz chrism@imntv.com wrote:
I'm not really a programmer and I recently came across this hack to insert a short sleep statement into auth-passwd.c within sshd. It seems to quickly confuse automated dictionary attacks. I've moved sshd to higher ports but apparently the cretins are now scanning to look for that and attacking on whatever port sshd shows up on.
Anyway, the link to the hack is here:
http://www.aerospacesoftware.com/ssh-kiddies.html
Just wondering if any of the wizened programmers out there can think of any reason why this would be a bad thing to do.
Messing with sshd source isn't something I'm ready to play around with. I'd rather farm it out to a 3rd party wrapper like denyhosts to block this crap.
-- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety'' Benjamin Franklin 1775 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos