[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Question bruteforcing



On Mon, 29 May 2006 17:03:46 -0500, Mike C <Mikec1 bigriver net>
opined:
> What exactly is bruteforcing and is their away to stop it in fedora 
> without useing a router or firewall box?
> 
> Thanks for any help
> 
It's an attempt (usually with hacker software) to crack the root
password by trying with a burst of many different password forms.

The best defense that I know of (and I use) is swatch. Swatch watches
a log for RegEx patterns and then executes a script when it is
matched (such as immediately adding a rule to IPTables. This way the
potential hacker only gets one shot.

More fundamentally, sshd should only be permitted if absolutely
necessary and then restricted to known IPs that need ssh access.

-- 
Our DNSRBL - Eliminate Spam: http://www.TQMcube.com
Multi-RBL Check: http://www.TQMcube.com/rblcheck.php
The Dirty Dozen Spammiest Ranges: http://tqmcube.com/dirty12.php

Attachment: signature.asc
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]