[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8E2058C4C5B8542155257508@utd65257.utdallas.edu>
Date: Thu, 17 Jun 2010 15:21:47 -0500
From: Paul Schmehl <pschmehl_lists@...rr.com>
To: Xin LI <delphij@...il.com>, Gary Baribault <gary@...ibault.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: targetted SSH bruteforce attacks
--On Thursday, June 17, 2010 11:04:52 -0700 Xin LI <delphij@...il.com> wrote:
> On FreeBSD you can probably just use the following pf.conf line to
> block most of such attacks:
>
> block in quick proto tcp from any os "Linux" to any port ssh
>
> (Note that with this you may lose the ability to login from any Linux
> based box including from an Android phone, etc)
>
> Of course it's wise to disable password authentication and just use
> public key authentication.
Why? Ssh is encrypted, so you're not exposing a password when you login. How
does public key authentication make you more secure (in a practical sense)?
--
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists