[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: SSH and Telnet ports

To: or-talk@xxxxxxxxxxxxx
Subject: Re: SSH and Telnet ports
From: "Marco Bonetti" <marco.bonetti@xxxxxxxxxxxx>
Date: Mon, 15 Dec 2008 08:41:16 +0100 (CET)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 15 Dec 2008 02:41:31 -0500
Importance: Normal
In-reply-to: <f63c4b2d0812141015q39c22941w856af2853230e165@xxxxxxxxxxxxxx>
References: <f63c4b2d0812141015q39c22941w856af2853230e165@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: SquirrelMail/1.4.6

Hi,
there should be an ongoing "new" bruteforce attack against ssh, take a
look at http://www.theregister.co.uk/2008/12/08/brute_force_ssh_attack/
I don't see any reason, for now, on worrying about it. Use the programs
already suggested on this list to ban hosts (which could cause some
interesting side effects if you're denying connections between your relay
and other tor nodes) or, simpler, move ssh on a non standard port. It's a
bit of "security through obscurity" but, at least, it's greatly effective
in cutting out script kiddies traffic (and leaving in only the more
interested attackers :-P ).

ciao

-- 
Marco Bonetti
BT3 EeePC enhancing module: http://sid77.slackware.it/bt3/
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/
My webstuff: http://sidbox.homelinux.org/

My GnuPG key id: 0x86A91047

Follow-Ups:
- Re: SSH and Telnet ports
  - From: Christopher Davis

References:
- SSH and Telnet ports
  - From: Mitar

Prev by Author: Re: Discovering Than Several Accounts Belong To One Person
Next by Author: Re: Bittorrent packets
Previous by thread: Re: SSH and Telnet ports
Next by thread: Re: SSH and Telnet ports
Index(es):
- Author
- Thread