Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 13 Nov 2006 06:08:03 -0500
From:      Gerard Seibert <gerard@seibercom.net>
To:        User Questions <freebsd-questions@freebsd.org>
Cc:        "Leo L. Schwab" <ewhac@best.com>, Frank Staals <frankstaals@gmx.net>
Subject:   Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?
Message-ID:  <20061113060356.E202.GERARD@seibercom.net>
In-Reply-To: <455836A2.6010004@gmx.net>
References:  <20061113060528.GA7646@best.com> <455836A2.6010004@gmx.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:


> I had the same 'problem'. As said it's not realy a problem since FreeBSD 
> will hold just fine if you don't have any rather stupid user + pass 
> combinations. ( test test or something like that ) Allthough I thought 
> it was annoying that my intire log was clouded with those brute force 
> attacks so I just set sshd to listen at an other port then 22. Maybe 
> that's a acceptable solusion for you ? You can change the ssd port in 
> /etc/ssh/sshd_config

Security through obscurity is a bad idea. Rather, use SSH key based
authentication exclusively.  Turn off all of the password stuff in
sshd_config.  Laugh at the poor fools trying to break in.


-- 
Gerard

     Mail from '@gmail' is rejected and/or discarded here. Don't waste
     your time!



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061113060356.E202.GERARD>