Re: SSH scans vs connection ratelimiting
Hello!
On Sat, 19 Aug 2006, Pieter de Boer wrote:
> For months now, we're all seeing repeated bruteforce attempts on SSH. I've
> configured my pf install to ratelimit TCP connections to port 22 and to
I wonder why OpenSSH still doesn't support simple and nice feature of
SSH.COM's sshd2_config:
LoginGraceTime 60
AuthInteractiveFailureTimeout 10
These settings effectively cause robots to stop the scan for me. Every
scan attempt gives only 1..N failed attempts (where N=number of
externally-reachable and SSH-served IPs on machine if robot is capable of
simultaneous scan of several IPs), so I can just ignore them.
Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 12 之 16 篇):