Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: a record?

  • From: Jeroen Massar
  • Date: Mon Nov 14 17:50:32 2005
  • Openpgp: id=333E7C23;url=http://unfix.org/~jeroen/jeroen-unfix.org-pgpkey
Randy Bush wrote:
> for one host, 185,932 ssh dictionary password attacks in one gmt day
> (and, of course, password login is not enabled).

Partial "solution": rate limit ports to max X (5) new connects per X (60
secs) time.

Et tada, almost not to be seen any more.

Misc Linux-based example:
http://unfix.org/~jeroen/archive/rc.ratelimit

Also possible with your favorite BSD and other OS's...
Limiting port 25 also helps with those annoying bots around the net.

Other solution: disable IPv4 SSH and enable the IPv6 one, no scanning on
that plane ;)

Greets,
 Jeroen

Attachment: signature.asc
Description: OpenPGP digital signature



Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.