mailing list archives
Re: Re: Any update on SSH brute force attempts?
From: Tim <tim-security () sentinelchicken org>
Date: Sat, 16 Oct 2004 10:05:36 -0400
And the few present users attempted:
In addition to what others have suggested, you could use PAM to enforce
account lockouts in the event that the attacker does focus the attempts
on a real account. The Linux module for this is pam_tally. You can
also put an unlock script on a cron job to then prevent DoS of all of
your accounts. Not perfect, but effective.
Full-Disclosure - We believe in it.