Heads up: Brute force attacks on the rise recently
Konstantin Svist
fry.kun at gmail.com
Wed Oct 28 23:13:24 UTC 2009
On 10/28/2009 04:03 PM, Michael Cronenworth wrote:
> -Make sure your root password is not a dictionary word.
> -Add iptables rules to limit multiple connections on SSH to 4 within a
> minute.[1] Perhaps this needs to become a Fedora default.
> -Update your system.
> -Use SELinux.
Depending on situation, other measures to contain this problem:
* moving ssh to a different port (something > 1024)
brute force scripts will usually check port 22 only - a different
port will likely be checked only if attack is targeted
* switching to public/private key authentication
even with a bad password, the private key is much more secure against
a script kiddie. It helps against targeted attacks too, but can't rule
them out.
Also, IIRC, in F10/11 SSHd is disabled by default. That could be because
I usually use LiveCD install, though.
More information about the users
mailing list