[CentOS] duqu

Wed Nov 30 18:40:52 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Les Mikesell wrote:
> On Wed, Nov 30, 2011 at 12:05 PM,  <m.roth at 5-cent.us> wrote:
>> Are your root passwords strong?
> I've always wondered why something as complex as sshd doesn't do
> anything to protect you from the simplest form of attack - like
> rate-limiting failed attempts.

Well, it does take time to respond to failed passwords, in my experience.
>From the example in the Kaspersky Labs post, either they tried over a
period of time (low-level persistent threat), or it was a stupidly weak
password (or had never been changed).

We also run fail2ban, that slows them down a *lot* more.