Secure Shell
a GOOD idea to harden OpenSSH! Mar 30 2011 07:19PM
nagygabor88 (nagygabor88 zoho com) (3 replies)
RE: a GOOD idea to harden OpenSSH! Mar 31 2011 07:39PM
Ward, Jon (Jon_Ward syntelinc com) (1 replies)
Re: a GOOD idea to harden OpenSSH! Apr 02 2011 10:37PM
Eric Jaw (naisanza gmail com)
Re: a GOOD idea to harden OpenSSH! Mar 31 2011 06:24PM
Joseph Spenner (joseph85750 yahoo com) (1 replies)
--- On Wed, 3/30/11, nagygabor88 <nagygabor88 (at) zoho (dot) com> wrote:

> From: nagygabor88 <nagygabor88 (at) zoho (dot) com>
> Subject: a GOOD idea to harden OpenSSH!
> To: "OpenSSH list" <secureshell (at) securityfocus (dot) com>
> Date: Wednesday, March 30, 2011, 12:19 PM
>
>
> if a user wants to connect to an ssh server then he has to
> wait a couple of seconds, then he can write his passphrase.
> the "couple of seconds" is defined in the sshd config,
> e.g.: 2 seconds
> the method mustn't show that the user has to wait 2 seconds
> to write his passphrase.
>

This can already be similarly done using iptables, with entries such as:
$IPTABLES -N SSH_CHECK
$IPTABLES -I INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
$IPTABLES -A SSH_CHECK -m recent --set --name SSH
$IPTABLES -A SSH_CHECK -m recent --update --seconds 180 --hitcount 5 --rttl --name SSH -j LOG --log-prefix "SSH_brute_force "
$IPTABLES -A SSH_CHECK -m recent --update --seconds 180 --hitcount 5 --rttl --name SSH -j DROP

What this does: If I get more than 5 hits within 180 seconds, block them for 180 seconds.

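Added example, not part of the thread or any poster's code: the LOG rule in the message above tags each match with the prefix "SSH_brute_force ", so the kernel log can be summarized per source address to see who is hitting the limit. The sample lines are constructed (documentation addresses, trimmed field set), the function names are hypothetical, and TTL values are kept because the rules match with --rttl.

```python
import re

PREFIX = "SSH_brute_force "  # the --log-prefix value from the LOG rule above

# Constructed sample: syslog lines in the netfilter LOG layout, fields trimmed,
# documentation addresses. Hostname "gw" and all values are made up.
SAMPLE_LOG = """\
Mar 31 18:24:01 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 TTL=52 PROTO=TCP SPT=51234 DPT=22 SYN
Mar 31 18:24:03 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 TTL=52 PROTO=TCP SPT=51240 DPT=22 SYN
Mar 31 18:24:30 gw kernel: eth0: link up
Mar 31 18:25:10 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 TTL=52 PROTO=TCP SPT=51302 DPT=22 SYN
Mar 31 18:30:00 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 TTL=117 PROTO=TCP SPT=40001 DPT=22 SYN
Mar 31 18:30:02 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 TTL=49 PROTO=TCP SPT=40002 DPT=22 SYN
"""

# "Mon DD HH:MM:SS host kernel: [optional kernel timestamp] <prefix><KEY=VALUE ...>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ kernel: .*?" + re.escape(PREFIX) + r"(?P<body>.*)$"
)

def parse_line(line):
    """Return ts/src/ttl for a line written by the LOG rule, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # Flags such as SYN or DF carry no "=", so they are skipped here.
    fields = dict(tok.split("=", 1) for tok in m["body"].split() if "=" in tok)
    if "SRC" not in fields:
        return None
    return {"ts": m["ts"], "src": fields["SRC"], "ttl": fields.get("TTL", "?")}

def summarize(text):
    """Per source address: hit count, first/last log time, distinct TTLs seen."""
    out = {}
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        s = out.setdefault(rec["src"], {"hits": 0, "first": rec["ts"], "last": rec["ts"], "ttls": set()})
        s["hits"] += 1
        s["last"] = rec["ts"]  # assumes the log is in chronological order
        s["ttls"].add(rec["ttl"])
    return out

def report(text):
    rows = sorted(summarize(text).items(), key=lambda kv: -kv[1]["hits"])
    return [f"{src} hits={s['hits']} first={s['first']} last={s['last']} ttl={','.join(sorted(s['ttls']))}"
            for src, s in rows]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```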
Re: a GOOD idea to harden OpenSSH! Apr 03 2011 07:17PM
Lamont Granquist (lamont scriptkiddie org) (1 replies)
Re: a GOOD idea to harden OpenSSH! Apr 06 2011 03:30AM
Mike Ramirez (gufymike gmail com)
Re: a GOOD idea to harden OpenSSH! Mar 31 2011 06:20PM
Christian Grunfeld (christian grunfeld gmail com) (1 replies)
Re: a GOOD idea to harden OpenSSH! Apr 02 2011 11:57AM
Aaron Toponce (aaron toponce gmail com)


 

Copyright 2010, SecurityFocus