Question bruteforcing
David Cary Hart
Fedora at TQMcube.com
Tue May 30 02:03:24 UTC 2006
On Mon, 29 May 2006 17:03:46 -0500, Mike C <Mikec1 at bigriver.net>
opined:
> What exactly is bruteforcing and is their away to stop it in fedora
> without useing a router or firewall box?
>
> Thanks for any help
>
It's an attempt (usually with hacker software) to crack the root
password by trying with a burst of many different password forms.
The best defense that I know of (and I use) is swatch. Swatch watches
a log for RegEx patterns and then executes a script when it is
matched (such as immediately adding a rule to IPTables. This way the
potential hacker only gets one shot.
More fundamentally, sshd should only be permitted if absolutely
necessary and then restricted to known IPs that need ssh access.
--
Our DNSRBL - Eliminate Spam: http://www.TQMcube.com
Multi-RBL Check: http://www.TQMcube.com/rblcheck.php
The Dirty Dozen Spammiest Ranges: http://tqmcube.com/dirty12.php
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060529/99984936/attachment-0001.sig>
More information about the fedora-list
mailing list