Defending against brute force ssh attacks

I found this great little overview on defending your ssh server from script kiddies. This should be required reading for anyone running an ssh server.

During 2005, brute force attacks on the ssh (secure shell) service became pretty popular. These attacks are based on a rather simple idea: use an automated program for trying, one after the other, many combinations of standard or frequently used account names and likewise frequently used passwords (e.g.: guest/guest).

Defence methods

There are a number of methods to defend against such brute force attacks. The following list is intended to give an overview of them, and briefly mention their respective advantages and disadvantages.

  • Strong passwords
  • RSA authentication
  • Using ‘iptables’ to block the attack
  • Using the sshd log to block attacks
  • Using tcp_wrappers to block attacks
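
To make the "sshd log" item concrete, here is an added example (not taken from this post or the linked overview) that counts OpenSSH "Failed password" lines per source address in a sliding window. The function name, the threshold and window values, and the sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# OpenSSH logs a failed password attempt as
#   "Failed password for [invalid user ]NAME from ADDR port N ssh2".
# NAME is chosen by the client, so the address is taken from the END of the
# line (greedy user match); a name containing " from 1.2.3.4 port 1 ssh2"
# must not be able to get someone else's address counted.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<addr>\S+) port \d+ ssh2$"
)

# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE = """\
Nov 13 10:15:01 host sshd[2101]: Failed password for invalid user guest from 203.0.113.7 port 40112 ssh2
Nov 13 10:15:03 host sshd[2103]: Failed password for invalid user test from 203.0.113.7 port 40120 ssh2
Nov 13 10:15:06 host sshd[2105]: Failed password for root from 203.0.113.7 port 40131 ssh2
Nov 13 10:16:00 host sshd[2110]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Nov 13 10:20:00 host sshd[2111]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
Nov 13 10:21:00 host sshd[2120]: Failed password for invalid user a from 198.51.100.20 port 1 ssh2 from 192.0.2.9 port 50000 ssh2
"""

def offenders(lines, threshold=3, window_s=60, year=2005):
    """Map each address with >= threshold failures inside window_s seconds
    to the sorted list of account names it tried."""
    recent = defaultdict(deque)   # addr -> timestamps still inside the window
    users = defaultdict(set)      # addr -> account names seen so far
    flagged = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other messages
        # Classic syslog timestamps carry no year, so one is supplied.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        addr, q = m["addr"], recent[m["addr"]]
        q.append(ts)
        users[addr].add(m["user"])
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()           # drop failures that fell out of the window
        if len(q) >= threshold:
            flagged[addr] = sorted(users[addr])
    return flagged

if __name__ == "__main__":
    for addr, names in offenders(SAMPLE.splitlines()).items():
        print(addr, names)
```

The flagged addresses are what a blocking step (an iptables rule or a tcp_wrappers deny entry, as in the list above) would act on.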
