[mythtv-users] Semi-OT: Blocking Brute Force SSH attacks
Yan Seiner
yan at seiner.com
Fri Oct 19 16:56:18 UTC 2007
Jay R. Ashworth wrote:
> If you've tunneled SSH traffic through to your Mythbox, you're likely
> the target of brute-force SSH attacks, some of which might well work.
>
> The most elegant solution I've found so far is here:
>
> http://www.la-samhna.de/library/brutessh.html#5
>
> This won't block attacks that "know" about a specific bug in your sshd,
> so you need to stay updated, but for the dictionary attacks it will
> work nicely, and it'll sure keep your logs from growing without
> bounds...

You can also do this with iptables. There is also a setting in sshd
itself that allows only so many connections / unit time.

But none of this will help you if you are the subject of a concerted,
persistent, distributed attack - only picking a really good password,
not allowing root ssh access, and monitoring logs will keep you safe....

--
Yan Seiner
Certified Personal Trainer
Licensed Professional Engineer
'man' is short for 'manual' because it's very short, for a manual.
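
An added example, not part of the original post or the linked article: a log check showing why per-address throttling (the iptables or sshd connection limits mentioned above) catches one noisy source but not a distributed run, which is where log monitoring comes in. The log lines, host name, addresses and both thresholds are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sshd auth-log lines; host name and addresses are made up
# (documentation ranges), not taken from the thread.
SAMPLE_LOG = "\n".join(
    [f"Oct 19 16:50:0{i} mythbox sshd[210{i}]: Failed password for root "
     f"from 203.0.113.5 port 4000{i} ssh2" for i in range(5)]
    + [f"Oct 19 16:5{i}:00 mythbox sshd[220{i}]: Failed password for invalid "
       f"user admin from 198.51.100.1{i} port 5000{i} ssh2" for i in range(1, 5)]
    + ["Oct 19 16:58:00 mythbox sshd[2300]: Accepted password for mythtv "
       "from 192.0.2.7 port 60000 ssh2"]
)

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port")

PER_SOURCE_LIMIT = 4       # assumed: failures that would trip a per-address throttle
DISTINCT_SOURCE_LIMIT = 3  # assumed: low-rate sources that together suggest a distributed run


def analyse(log_text):
    """Count failed logins per source and flag what a per-address limit misses."""
    per_source = Counter()
    root_sources = set()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        user, src = m.groups()
        per_source[src] += 1
        if user == "root":
            root_sources.add(src)
    throttled = sorted(s for s, n in per_source.items() if n >= PER_SOURCE_LIMIT)
    below_limit = sorted(s for s, n in per_source.items() if n < PER_SOURCE_LIMIT)
    return {
        "failures": sum(per_source.values()),
        "throttled": throttled,
        "below_limit": below_limit,
        "distributed": len(below_limit) >= DISTINCT_SOURCE_LIMIT,
        "root_targeted": sorted(root_sources),
    }


if __name__ == "__main__":
    for key, value in analyse(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```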