Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?
Frank Staals
frankstaals at gmx.net
Mon Nov 13 15:22:38 UTC 2006
Gerard Seibert wrote:
> On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:
>
>
>
>> I had the same 'problem'. As said it's not realy a problem since FreeBSD
>> will hold just fine if you don't have any rather stupid user + pass
>> combinations. ( test test or something like that ) Allthough I thought
>> it was annoying that my intire log was clouded with those brute force
>> attacks so I just set sshd to listen at an other port then 22. Maybe
>> that's a acceptable solusion for you ? You can change the ssd port in
>> /etc/ssh/sshd_config
>>
>
> Security through obscurity is a bad idea. Rather, use SSH key based
> authentication exclusively. Turn off all of the password stuff in
> sshd_config. Laugh at the poor fools trying to break in.
>
>
>
The point is it isn't security through obscurity: as allready pointed
out, FreeBSD & sshd can withstand those brute force attacks without much
of a problem so there is no security problem, the only thing is those
brute force attacks are anoying since they cloud authd.log If those
attacks WERE a problem, or if there was a system which you could log in
without user & pass if you would find out the correct port then, but
only then, it is a bad idea ....
--
-Frank Staals
More information about the freebsd-questions
mailing list