[ale] 300,000 failed login attempts in 6 months!!!

Stephen Benjamin skbenja at gmail.com
Tue Aug 19 18:13:04 EDT 2008


They scan more than one port, and *some* attempt service identification,
which is easy with SSH.  But moving it to a non-standard port will reduce
but not eliminate attacks.  It'll also confuse end users if you have any who
aren't technical.



On Tue, Aug 19, 2008 at 6:09 PM, Brian Pitts <brian at polibyte.com> wrote:

> Michael B. Trausch wrote:
> > On Tue, 2008-08-19 at 12:12 -0400, Jim Popovitch wrote:
> >> New?  No.  SSH brute force attempts are not new.  You, as a target,
> >> might be new. ;-)
> >>
> >> Save yourself some trouble and run SSHD on a non-standard port.
> >
> > I keep seeing this said over and over again, and I keep wondering:  Are
> > the attackers _really_ that stupid?  Wouldn't a simple portscan prior to
> > attempting to attack get rid of any benefit that this would provide?
>
> I assume they scan... port 22. If ssh isn't there either it's not
> running or there's a smart admin. Either way that system is not an
> inviting target.
>
> -Brian
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20080819/cf00dc06/attachment.html 


More information about the Ale mailing list