Blocking a slow-burning SSH bruteforce

J.D. Bronson jd.bronson at hanadarko.com
Fri Jan 1 15:44:12 UTC 2010


On 1/1/10 9:19 AM, David Rawling wrote:
> Darn.
>
> 1 is out because 22 is the one port that most organisations (including
> mine) allow out of their networks for administering routers.
>
> 2 is unfortunately not an option (as a consultant I do work from many
> networks)
>
> 4 - again I might have to log in any time ...
>
> 3 seems the best approach.
>
> Thanks for your thoughts, it's good to get second opinions.
>
> Dave.

I understand using/needing port 22 opened...but what another widely used 
port..like for Citrix (sp?) or something? - most firewalls have those 
ports open.

As far as controlling login time and access, I meant something like this:

# Authentication:
LoginGraceTime 1m
MaxAuthTries 2

# Allow staff access and users no access
AllowGroups staff



-- 
J.D. Bronson
Information Technology
Aurora Health Care - Milwaukee WI


More information about the freebsd-questions mailing list