DDOS ssh brute force attacks

http://isc.sans.edu/diary.html?storyid=9034

http://www.dreamhoststatus.com/2010/06/19/ssh-connection-issue-affecting-servers/

Looks like a change on the force attack to attempt also to use auth keyboard-interactive in their methods.

I have two days seeing at my server logs from denyhosts… but looks like it’s bigger than I thought.

Esta entrada fue publicada en Sin categoría. Guarda el enlace permanente.

1 respuesta a DDOS ssh brute force attacks

  1. Gunnar dijo:

    When I had my last wave of such attacks, I moved the ssh service to a high port (of course, that is not always an option) and rate-limited with iptables to four connections per minute (except from trusted networks, as it is a PITA when it bites you!)

    It really helped.

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.