[NTLUG:Discuss] SSH Dictionary Attacks
Chris Cox
cjcox at acm.org
Sat Dec 31 16:18:57 CST 2005
Thomas Cameron wrote:
> OK, this is just getting silly. I'm up to almost 10,000 dictionary
> attacks against my servers per day. The logwatch e-mails are freaking
> huge. I have been pretty much ignoring this stuff because I know that
> remote root logins are not possible and I know for sure we are using
> very strong passwords, but I am tired of the logfile silliness.
Oh.. in addition to moving the port restrict to only particular
usernames... and make them cryptic. Once in you can always
"su" or whatever you feel safe doing to become a different
user.
More information about the Discuss
mailing list