Comments on: More SSH Brute Force Protection http://www.longren.org/more-ssh-brute-force-protection/ Certified & Decorated Thu, 09 Feb 2012 16:01:05 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Tyler http://www.longren.org/more-ssh-brute-force-protection/comment-page-1/#comment-470277 Tyler Wed, 13 Apr 2011 14:20:36 +0000 http://www.longren.org/2006/08/23/more-ssh-brute-force-protection/#comment-470277 Harald, Sshguard looks awesome! The other applications listed here are probably very much out of date, as this article was written back in 2006. Thank you so much for pointing Sshguard out to me! Harald, Sshguard looks awesome!

The other applications listed here are probably very much out of date, as this article was written back in 2006.

Thank you so much for pointing Sshguard out to me!

]]> By: Harald http://www.longren.org/more-ssh-brute-force-protection/comment-page-1/#comment-467773 Harald Sun, 10 Apr 2011 21:18:46 +0000 http://www.longren.org/2006/08/23/more-ssh-brute-force-protection/#comment-467773 Besides fail2ban and denyhost, check out SSHGuard ( http://www.sshguard.net ). It is written in C, it supports monitoring multiple log files at once, and it took me no time to install and get working. Besides fail2ban and denyhost, check out SSHGuard ( http://www.sshguard.net ). It is written in C, it supports monitoring multiple log files at once, and it took me no time to install and get working.

]]> By: jeffatrackaid http://www.longren.org/more-ssh-brute-force-protection/comment-page-1/#comment-204786 jeffatrackaid Wed, 02 Jul 2008 01:02:51 +0000 http://www.longren.org/2006/08/23/more-ssh-brute-force-protection/#comment-204786 I've used DenyHost with great success when we suspect SSH brute-force attacks on servers where we've little control over user behavior (such as web hosting systems). But I cannot stress enough how limiting access initially and adjusting SSH variables is the best method of security. MaxAuthAttempts, AllowUsers and similar variables can be added to ssh's configuration to reduce the likelihood of a brute force attack being successful. Also, forcing users to use 8 character passwords is very helpful, and of course using only keys to access root. I’ve used DenyHost with great success when we suspect SSH brute-force attacks on servers where we’ve little control over user behavior (such as web hosting systems).

But I cannot stress enough how limiting access initially and adjusting SSH variables is the best method of security.

MaxAuthAttempts, AllowUsers and similar variables can be added to ssh’s configuration to reduce the likelihood of a brute force attack being successful.

Also, forcing users to use 8 character passwords is very helpful, and of course using only keys to access root.

]]> By: zean.no-ip.info » More SSH Brute Force Protection http://www.longren.org/more-ssh-brute-force-protection/comment-page-1/#comment-30305 zean.no-ip.info » More SSH Brute Force Protection Fri, 25 Aug 2006 00:57:24 +0000 http://www.longren.org/2006/08/23/more-ssh-brute-force-protection/#comment-30305 [...] (more…)   [...] [...] (more…)   [...]

]]>