From owner-freebsd-questions@FreeBSD.ORG Tue Jun 23 07:45:06 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0DE23106564A for ; Tue, 23 Jun 2009 07:45:06 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 620C18FC1F for ; Tue, 23 Jun 2009 07:45:05 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from significant-gravitas-shortfall.thebunker.net (gateway.ash.thebunker.net [213.129.64.4]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.3/8.14.3) with ESMTP id n5N7iYC3037979 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 23 Jun 2009 08:44:35 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: Sendmail DKIM Filter v2.8.3 smtp.infracaninophile.co.uk n5N7iYC3037979 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infracaninophile.co.uk; s=200708; t=1245743075; bh=IoreZewrPTC3hu5o89ANN48Myq++pZZ9Ea9xGWzesEA=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type:Cc:Content-Type:Date:From:In-Reply-To: Message-ID:Mime-Version:References:To; z=Message-ID:=20<4A4087DB.5010700@infracaninophile.co.uk>|Date:=20T ue,=2023=20Jun=202009=2008:44:27=20+0100|From:=20Matthew=20Seaman= 20|Organization:=20Infracaninophi le|User-Agent:=20Thunderbird=202.0.0.21=20(X11/20090515)|MIME-Vers ion:=201.0|To:=20Wojciech=20Puchar=20|CC:=20Benjamin=20Lee=20,=20=0D=0A=20Daniel=20U nderwood=20,=0D=0A=20freebsd-questions@freeb sd.org|Subject:=20Re:=20Best=20practices=20for=20securing=20SSH=20 server|References:=20=09<4A403324.6090300@b1c1l1.com>=20|In-Reply-To:=20|X-Enigmai l-Version:=200.95.7|OpenPGP:=20id=3D60AE908C|Content-Type:=20multi part/signed=3B=20micalg=3Dpgp-sha1=3B=0D=0A=20protocol=3D"applicat ion/pgp-signature"=3B=0D=0A=20boundary=3D"------------enig7F126A8A 80C99D6BDA7E1D00"; b=xSIKmHbGX/ewqaxQahoAtIUvr+xZ92RugyVCV5EQ+BL5m7aa0NSx+5HXAYx7L5/wm Qk4aDYkQYFl7iVJEx4ZhvSdw8jIglEmtZuaDv8INoAb6HdUFUhaajabm6G+3P5G+LO yhcpmQk14cZjz8mYYW36H7sqJUfMR9nqgPtZAKFo= X-Authentication-Warning: happy-idiot-talk.infracaninophile.co.uk: Host gateway.ash.thebunker.net [213.129.64.4] claimed to be significant-gravitas-shortfall.thebunker.net Message-ID: <4A4087DB.5010700@infracaninophile.co.uk> Date: Tue, 23 Jun 2009 08:44:27 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.21 (X11/20090515) MIME-Version: 1.0 To: Wojciech Puchar References: <4A403324.6090300@b1c1l1.com> In-Reply-To: X-Enigmail-Version: 0.95.7 OpenPGP: id=60AE908C Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig7F126A8A80C99D6BDA7E1D00" X-Virus-Scanned: clamav-milter 0.95.2 at happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VERIFIED,SPF_FAIL autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on happy-idiot-talk.infracaninophile.co.uk Cc: Benjamin Lee , Daniel Underwood , freebsd-questions@freebsd.org Subject: Re: Best practices for securing SSH server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jun 2009 07:45:06 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7F126A8A80C99D6BDA7E1D00 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Wojciech Puchar wrote: >> If for some reason you would prefer to use password authentication, I >> would recommend that you look into automatic brute force detection. >> There are a number of utilities in ports available for this purpose, >> including security/sshguard and security/denyhosts. >=20 > good, but not really important with properly chosen password. > You can't do more than maybe 10 attempts/second this way, while crackin= g > 10 character password consisting of just small letters and digits needs= 10 characters is a longer than usual password. Most people have been conditioned into using a 7 or 8 character password, which is at least a 1000 times easier to crack using your measure. (Still a pretty big possible space though). > 36^10=3D3656158440062976 possible passwords, and over 11 milion years t= o > check all possibilities, so say 100000 years if someone is really lucky= > and will get it after checking 1% possible password. There is a very big flaw in your analysis here. You're assuming that the passwords people might use are randomly and evenly distributed over the whole possible password space. That is simply untrue. A lot of people -- perhaps the majority -- will use a password consisting of an English word, possibly with StUdLy CaPs or 3lite SP3LL1NG and with some random extra characters!*99 tacked on[*]. That's a whole lot smaller search space -- and it must be possible to brute-force passwords or it wouldn't be worthwhile for the brute-force attackers to keep trying. Agreed however that if people can be educated to use good passwords then a brute force attack like this really is unfeasible. I like apg(1) for generating passwords where there is no alternative to using strong crypto. > Of course - you must not look at logs in 100000 years and not see this > 10 attempts per second. Sure. My experience is that any machine on the internet with a port 22 listener will attract about 2 to 5 brute force attackers a day -- that is, a sequence of brute force attempts originating from 2 -- 5 independent IPs per day. In fact, given that you have taken reasonable measures like using ssh keys exclusively or enforcing strong passwords then the biggest problems caused by these sort of attacks are the drain on system resources and the excess verbiage in log files. Getting rid of that is why I like to implement connection-rate based SSH blocking via pf(4) -- not because it gives any extra security. > I give this example against common paranoia that exist on that group - > mix of real "security paranoid" persons and pseudo-experts that like to= > repeat "intelligent" phrases to show up themselves. >=20 > Actually - there is no need for extra protection for ssh, but for human= s. >=20 > 99% of crack attempts are done by "kevin mitnick" methods, not password= > cracking. Absolutely true. Mitnick was an early exponent of Social Engineering attacks, which are still the easiest and most effective methods for breaking computer security. Now, if we could just get rid of all the users, our lives as Sys Admins would be a whole lot easier... Cheers, Matthew [*] It's amazing how many people, when you tell them to use a mix of upper and lower case letters, just capitalize the *first* letter of their password. --=20 Dr Matthew J Seaman MA, D.Phil. Flat 3 7 Priory Courtyard PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW, UK --------------enig7F126A8A80C99D6BDA7E1D00 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpAh+IACgkQ3jDkPpsZ+VahZQCgi18fEOa26Nl5g+u+81jCa+IG PJ0AmQGupxw+LD+eyJuDw+3SaEU7JjHk =cBIN -----END PGP SIGNATURE----- --------------enig7F126A8A80C99D6BDA7E1D00--