> Strong agreement! There are endless dictionary attacks to ssh. This > sometimes scares people but for no good reason. If you have a strong > passwords, and everyone should have either strong passwords for ssh or > blocked passwords, then there is no danger. There is no need to shy > away from ssh simply because the Internet is a hostile place. >
Another good tool to prevent dictionary attacks is "denyhosts". This one, combined with "portsentry" and "hostsentry", is working great. An attackers ip will be automatically put into /etc/hosts.deny, and cannot ssh any more in, even if he has got the correct password. However, if he manages to brute force each try with a separate ip, then this defense will not work. Hans
signature.asc
Description: This is a digitally signed message part.
