OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Johannes Franken (jfranken_at_jfranken.de)
Date: Thu Aug 08 2002 - 14:50:33 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    * Jeff Stewart <jstewartmaspremium.com> [2002-08-08 18:36 +0200]:
    > I'd like to protect myself against dictionary or brute force login attacks.
    > Is there a way within OpenSSH

    Sure, get used to using RSA keys and put this to your
    /etc/ssh/sshd_config then:

            Protocol 2
            RSAAuthentication yes
            PasswordAuthentication no

    > automatically blacklist an IP address after x number of failed login
    > attempts?

    that won't help, because the hacker can easily switch to another IP
    address. 

    -- 
Johannes Franken
 
Professional unix/network development
mailto:jfrankenjfranken.de
http://www.jfranken.de/

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here