Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Any update on SSH brute force attempts?
From: Tim <tim-security () sentinelchicken org>
Date: Sat, 16 Oct 2004 10:05:36 -0400

And the few present users attempted:
adm
apache
nobody
operator
root


In addition to what others have suggested, you could use PAM to enforce
account lockouts in the event that the attacker does focus the attempts
on a real account.  The Linux module for this is pam_tally.  You can
also put an unlock script on a cron job to then prevent DoS of all of
your accounts.  Not perfect, but effective.

hth,
tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault