[CentOS] sshd hack
lists at starground.it
Fri Mar 10 21:55:43 UTC 2006
Do a search for "ssh-faker" - I've found this very effective.
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf
Of Jim Perrin
Sent: 10 March 2006 21:44
To: CentOS mailing list
Subject: Re: [CentOS] sshd hack
On 3/10/06, Chris Mauritz <chrism at imntv.com> wrote:
> I'm not really a programmer and I recently came across this hack to
> insert a short sleep statement into auth-passwd.c within sshd. It
> seems to quickly confuse automated dictionary attacks. I've moved
> sshd to higher ports but apparently the cretins are now scanning to
> look for that and attacking on whatever port sshd shows up on.
> Anyway, the link to the hack is here:
> Just wondering if any of the wizened programmers out there can think
> of any reason why this would be a bad thing to do.
Messing with sshd source isn't something I'm ready to play around with. I'd
rather farm it out to a 3rd party wrapper like denyhosts to block this crap.
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety''
Benjamin Franklin 1775
CentOS mailing list
CentOS at centos.org
More information about the CentOS