[TriLUG] Fw: TALUG: Preventing SSH Dictionary Attacks With DenyHosts

Rick DeNatale rick.denatale at gmail.com
Mon Feb 20 11:18:49 EST 2006


On 20 Feb 2006 10:35:20 -0500, jonc <jonc at nc.rr.com> wrote:
> I've been using DenyHost for awhile now and I love it. I modified it so
> that it deny's all services from any host that attempts the ssh attack.
> Amazingly enough that seems to have also cut down on my virus traffic...
> hmmm could there be a correlation here?

Well my approach to avoiding dictionary attacks is to have these in my
/etc/ssh/sshd.conf

RSAAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no

That said shutting off machines attempting password access by putting
them in /etc/hosts.deny might have salutory effects.

Rick DeNatale

Visit the Project Mercury Wiki Site
http://www.mercuryspacecraft.com/



More information about the TriLUG mailing list