[darcs-users] ssh path
Ketil Malde
ketil.malde at bccs.uib.no
Fri Nov 23 08:41:22 UTC 2007
"Yitzchak Gale" <gale at sefer.org> writes:
> Unfortunately, on today's Internet any server with the standard SSH
> port open gets continuously hammered by hundreds of botnet zombies
> that try to find username/password combinations by brute force.
> Disabling password authentication does not help - the zombies still
> hammer you. So you just can't use the standard port anymore.
Run denyhosts (http://denyhosts.sourceforge.net/)! The statistics
probably vary with site popularity, but my logs show eight attacks
the last week, and since they are automatically blocked after a few
tries, this gives a total of 39 login attempts. So I wouldn't call it
"continously hammered". Most attacks try to login as 'root' or
'mysql', 'admin', 'staff', etc, and no sane admin would allow login to
those accounts anyway.
I only wish it was integrated with a tarpit, but I'm too lazy to
recompile the kernel to get the necessary functionality.
-k
--
If I haven't seen further, it is by standing in the footprints of giants
More information about the darcs-users
mailing list