[ale] 300,000 failed login attempts in 6 months!!!
James Taylor
James.Taylor at eastcobbgroup.com
Tue Aug 19 20:09:10 EDT 2008
On my system, end-users don't get to use ssh.
-jt
James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com
>>> "Stephen Benjamin" <skbenja at gmail.com> 8/19/2008 06:13 PM >>>
They scan more than one port, and *some* attempt service identification,
which is easy with SSH. But moving it to a non-standard port will reduce
but not eliminate attacks. It'll also confuse end users if you have any who
aren't technical.
On Tue, Aug 19, 2008 at 6:09 PM, Brian Pitts <brian at polibyte.com> wrote:
> Michael B. Trausch wrote:
> > On Tue, 2008-08-19 at 12:12 -0400, Jim Popovitch wrote:
> >> New? No. SSH brute force attempts are not new. You, as a target,
> >> might be new. ;-)
> >>
> >> Save yourself some trouble and run SSHD on a non-standard port.
> >
> > I keep seeing this said over and over again, and I keep wondering: Are
> > the attackers _really_ that stupid? Wouldn't a simple portscan prior to
> > attempting to attack get rid of any benefit that this would provide?
>
> I assume they scan... port 22. If ssh isn't there either it's not
> running or there's a smart admin. Either way that system is not an
> inviting target.
>
> -Brian
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
More information about the Ale
mailing list