[CentOS] ssh attack

Mon Feb 13 23:12:56 UTC 2006
Cleber P. de Souza <cleberps at gmail.com>

Use port knocking.
The iptables settings for port knocking are available at
http://www.soloport.com/iptables.html.
Other port knocking methods are available at http://www.portknocking.org


On 2/13/06, Jim Perrin <jperrin at gmail.com> wrote:
> >
> > I have 2 questions. One, is there anything you can do to stop these
> > attempts, other than not running ssh?
>
> Welcome to script-kiddie 101.  You can use key based authentication
> instead of password based, which will help, or you can move ssh to an
> alternate port. By moving ssh off port 22, you'll eliminate virtually
> all of these probes.
>
> > And two, do those ssh attempts every 3 or 4 seconds slow down a box, or
> > put any strain on it?
>
> Theoretically, it reduces it a little, but in practice, you
> won't/shouldn't notice the difference. The most noticeable hit is to
> bandwidth, but even that should be reasonably small.
>
> --
> "They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety"
> Benjamin Franklin 1775
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


--
Cleber P. de Souza
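
An iptables port-knocking ruleset of the kind the reply above refers to, added here as an example (it is not from the post or from the linked pages). The function name, the knock ports, the `KNOCK*`/`GATE*` names and the 10-second window are assumptions, and the host is assumed not to route traffic.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that keeps sshd closed until
# a source IP hits three knock ports in order. All names/ports are assumptions.
# usage: knock_rules K1 K2 K3 [SSH_PORT] [WINDOW_SECONDS]
knock_rules() {
    k1=$1 k2=$2 k3=$3 ssh=${4:-22} win=${5:-10}
    for p in "$k1" "$k2" "$k3" "$ssh" "$win"; do
        case $p in
            ''|*[!0-9]*) echo "not a number: '$p'" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "out of range: $p" >&2; return 1; }
    done
    # Knock ports must differ from each other and from the ssh port,
    # otherwise one packet would match two stages.
    for pair in "$k1:$k2" "$k1:$k3" "$k2:$k3" "$k1:$ssh" "$k2:$ssh" "$k3:$ssh"; do
        [ "${pair%:*}" != "${pair#*:}" ] || { echo "duplicate port: ${pair%:*}" >&2; return 1; }
    done
    # Rule order matters: ssh check, then stage 3, 2, 1, then the reset rules.
    # Any other new TCP packet clears the source's progress, so an
    # out-of-order knock starts over; everything unmatched hits policy DROP.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:GATE1 - [0:0]
:GATE2 - [0:0]
:GATE3 - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport $ssh -m state --state NEW -m recent --name KNOCK3 --rcheck --seconds $win -j ACCEPT
-A INPUT -p tcp --dport $k3 -m state --state NEW -m recent --name KNOCK2 --rcheck --seconds $win -j GATE3
-A INPUT -p tcp --dport $k2 -m state --state NEW -m recent --name KNOCK1 --rcheck --seconds $win -j GATE2
-A INPUT -p tcp --dport $k1 -m state --state NEW -j GATE1
-A INPUT -p tcp -m state --state NEW -m recent --name KNOCK1 --remove
-A INPUT -p tcp -m state --state NEW -m recent --name KNOCK2 --remove
-A GATE1 -m recent --name KNOCK1 --set -j DROP
-A GATE2 -m recent --name KNOCK1 --remove
-A GATE2 -m recent --name KNOCK2 --set -j DROP
-A GATE3 -m recent --name KNOCK2 --remove
-A GATE3 -m recent --name KNOCK3 --set -j DROP
COMMIT
EOF
}
```

`iptables-restore` replaces the whole filter table, so merge rules for any other services first and check the output with `knock_rules 7000 9000 8000 | iptables-restore --test` from a console session before loading it. Choose knock ports that are not in ascending or descending order, so a sequential port scan does not complete the sequence by accident.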