Blocking a slow-burning SSH bruteforce
J.D. Bronson
jd.bronson at hanadarko.com
Fri Jan 1 15:44:12 UTC 2010
On 1/1/10 9:19 AM, David Rawling wrote:
> Darn.
>
> 1 is out because 22 is the one port that most organisations (including
> mine) allow out of their networks for administering routers.
>
> 2 is unfortunately not an option (as a consultant I do work from many
> networks)
>
> 4 - again I might have to log in any time ...
>
> 3 seems the best approach.
>
> Thanks for your thoughts, it's good to get second opinions.
>
> Dave.
I understand using/needing port 22 opened...but what about another widely used
port..like for Citrix (sp?) or something? - most firewalls have those
ports open.
As far as controlling login time and access, I meant something like this:
# Authentication:
LoginGraceTime 1m
MaxAuthTries 2
# Allow staff access and users no access
AllowGroups staff
--
J.D. Bronson
Information Technology
Aurora Health Care - Milwaukee WI
More information about the freebsd-questions
mailing list
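Added example, not part of the original message: a small audit of an sshd_config for the three settings quoted above, treating the message's values (LoginGraceTime 1m, MaxAuthTries 2, AllowGroups set) as the baseline. The function names and the SHADOWED sample are hypothetical, and Match blocks are not evaluated; the check follows sshd's rule that the first value of a keyword wins while AllowGroups lines accumulate.

```python
import re

# Defaults sshd applies when a keyword is absent (sshd_config(5)).
DEFAULTS = {"logingracetime": "120", "maxauthtries": "6"}
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
# Constructed sample: the strict values come too late, the first ones win.
SHADOWED = "MaxAuthTries 6\nLoginGraceTime 2m\nMaxAuthTries 2\nLoginGraceTime 1m\n"


def seconds(value):
    """Convert an sshd_config time such as '1m' or '1h30m' to seconds."""
    parts = re.findall(r"(\d+)([smhdw]?)", value.lower())
    if not parts or "".join(n + u for n, u in parts) != value.lower():
        raise ValueError(f"bad time value: {value!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)


def effective(config_text):
    """Global settings as sshd reads them (first value wins, AllowGroups adds up)."""
    seen = dict(DEFAULTS, allowgroups=[])
    explicit = set()
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        m = re.match(r"(\w+)[\s=]+(.+)$", line)  # "Keyword value" or "Keyword=value"
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":  # simplification: conditional blocks are not evaluated
            break
        if key == "allowgroups":
            seen[key] += value.split()
        elif key in DEFAULTS and key not in explicit:
            seen[key] = value
            explicit.add(key)
    return seen


def audit(config_text, max_grace=60, max_tries=2):
    """Return findings for settings looser than the baseline in the message."""
    cfg, findings = effective(config_text), []
    grace = seconds(cfg["logingracetime"])
    if grace == 0 or grace > max_grace:
        findings.append(f"LoginGraceTime is {grace}s (0 = no limit), baseline {max_grace}s")
    if int(cfg["maxauthtries"]) > max_tries:
        findings.append(f"MaxAuthTries is {cfg['maxauthtries']}, baseline {max_tries}")
    if not cfg["allowgroups"]:
        findings.append("AllowGroups is unset: logins are not restricted by group")
    return findings
```

Calling audit(open("/etc/ssh/sshd_config").read()) returns an empty list when the file meets the baseline; audit(SHADOWED) shows how an earlier, looser line silently overrides a later strict one.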