Lock out after to many login attempts?

Alexander Dalloz ad+lists at uni-x.org
Tue Nov 9 02:59:53 UTC 2004

Am Di, den 09.11.2004 schrieb Jamie McParland um 3:50:

> Yea.. I notice I get a bunch of login attempts for ssh everyday using logins
> that don't exist. I have strong passwords, but I would rather not have
> people banging on my box.

Yes, we all see the script kids trying to login via SSH on boxes with
very weak password protection. This topic has been discussed to extend
here on the list. I think the last thread about it was "More SSH
'trolling'". If searching the list archive for "ssh" in the subject line
you will find much more.

A quick and easy thing is to let the SSH daemon listen on a different,
unused high port. This is nothing which brings security! But the scripts
actually run only against port 22, and you will see no more attempts.
This is my experience for the moment. There seem to be enough soft
victims so that attackers actually feel no need to improve their

> I guess the software I was thinking of was portsentry... But now that I
> think about it, portsentry might not be what I need.

Yes, portsentry won't help because you can only let watch it for unused


Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.8-1.521smp 
Serendipity 03:56:32 up 20 days, 1:36, load average: 0.48, 0.54, 0.43 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20041109/de9c78bb/attachment-0002.bin 

More information about the users mailing list