[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] targetted SSH bruteforce attacks
- To: Xin LI <delphij@xxxxxxxxx>, Gary Baribault <gary@xxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] targetted SSH bruteforce attacks
- From: Paul Schmehl <pschmehl_lists@xxxxxxxxx>
- Date: Thu, 17 Jun 2010 15:21:47 -0500
--On Thursday, June 17, 2010 11:04:52 -0700 Xin LI <delphij@xxxxxxxxx> wrote:
> On FreeBSD you can probably just use the following pf.conf line to
> block most of such attacks:
>
> block in quick proto tcp from any os "Linux" to any port ssh
>
> (Note that with this you may lose the ability to login from any Linux
> based box including from an Android phone, etc)
>
> Of course it's wise to disable password authentication and just use
> public key authentication.
Why? Ssh is encrypted, so you're not exposing a password when you login. How
does public key authentication make you more secure (in a practical sense)?
--
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/