NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: help? fighting ssh user/password guessing attempts



In article <5D831111-8A91-442A-BD9F-AB04F89C0B1A%webkeks.org@localhost>,
Jonathan Schleifer  <js-netbsd-users%webkeks.org@localhost> wrote:
>-=-=-=-=-=-
>
>Am 15.10.2008 um 21:21 schrieb Volkmar Seifert:
>
>> First of all...yes, everyone running an sshd has this problem, and no,
>> switching to an arbitrary port is no help at all. Obscurity is no
>> security, it does only delay the inevitable. I've seen such attacks  
>> on the
>> weirdest ports.
>
>Nonsense, it's not security by obscurity, as there isn't even a  
>security risk. It's just annoying to get the logs spammed, that's all.  
>And another port solves that, as all botnets only try to connect on  
>port 22.

It is definitely help as the attacker needs to port-scan to find
the open ssh port so it costs the attacker a lot more per host both
in time and bandwidth.

christos



Home | Main Index | Thread Index | Old Index