lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20100617110003.5e40dfa8b2f4f620cdf199af6efb8890.dc194ca64c.wbe@email02.secureserver.net>
Date: Thu, 17 Jun 2010 11:00:03 -0700
From: <dink@...inkydink.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: targetted SSH bruteforce attacks


Um, yeah... that's exactly what I recommend in the article, which I'm
sure you read. ;o)

The original suggestion was "If you want SSH on a different port, do
this with firewall rules".

Way too much work, IMO.

-------- Original Message --------
Subject: Re: [Full-disclosure] targetted SSH bruteforce attacks
From: Michael Holstein <michael.holstein@...ohio.edu>
Date: Thu, June 17, 2010 1:35 pm
To: dink@...inkydink.com
Cc: full-disclosure@...ts.grok.org.uk


> Note that with iptables you can leave ssh on port 22 but have it answer
> on other ports. See http://proxyobsession.net/?p=869
> 

Or just change the entry in ./etc/sshd_config

# What ports, IPs and protocols we listen for
Port 22

>>From man(5)sshd_config :

Port: Specifies the port number that sshd(8) listens on. The default
is 22. Multiple options of this type are permitted. See also
ListenAddress.

Cheers,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ