Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?
Gerard Seibert
gerard at seibercom.net
Mon Nov 13 18:10:39 UTC 2006
On Monday 13 November 2006 10:11, Frank Staals wrote:
> The point is it isn't security through obscurity: as allready pointed
> out, FreeBSD & sshd can withstand those brute force attacks without much
> of a problem so there is no security problem, the only thing is those
> brute force attacks are anoying since they cloud authd.log If those
> attacks WERE a problem, or if there was a system which you could log in
> without user & pass if you would find out the correct port then, but
> only then, it is a bad idea ....
Given enough time, every user/password combination can be broken. Perhaps
not in your lifetime, but it is still a real possibility. Given the
relative ease of setting up keys and simply dispersing with user/passwords
all together, I fail to see why more users do not avail themselves of this
avenue of security. Then again, I don't know how San Diego came back to
beat Cincinnati yesterday either.
Anyway, each to his own!
--
Gerard
A word to the wise is often enough to start an argument.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20061113/37b87cf0/attachment.pgp
More information about the freebsd-questions
mailing list