Admins warned of brute-force SSH attacks

Admins warned of brute-force SSH attacks
Robert Lemos, SecurityFocus 2008-05-14

Allowing secure shell access to a server tends to attract the occasional attempt to guess a valid username and password for the service. However, a spike in attacks this week has system administrators worried.

Expand all | Post comment

Admins warned of brute-force SSH attacks 2008-05-15
Justin

Admins warned of brute-force SSH attacks 2008-05-15
DooMRunneR (1 replies)

Re: Admins warned of brute-force SSH attacks 2008-05-16
Anonymous

Admins warned of brute-force SSH attacks 2008-05-15
Anonymous (1 replies)

Re: Admins warned of brute-force SSH attacks 2008-05-19
Anonymous

Admins warned of brute-force SSH attacks 2008-05-15
Anonymous

Admins warned of brute-force SSH attacks 2008-05-16
Jeff Sadowski

Admins warned of brute-force SSH attacks 2008-05-17
Anonymous

Admins warned of brute-force SSH attacks 2008-05-27
Anonymous

Admins warned of brute-force SSH attacks 2008-11-28
Anonymous

Most of the comments missed the point of these attacks being 'low and slow' and/or distributed. Blocking scripts will not catch such attacks (I'm experiencing them now and am having a hard time blocking them). About the only thing that will mitigate this threat is to turn off SSH, move the listening port (which is more of security through obscurity), only allowing certain users, or only allowing certain IPs. These suggestions may be fine for home users with no corporate restrictions, but for corporations, solutions aren't so defined.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11518/35289#35289