On Fri, Jul 17, 2015, at 14:19, Mike Tancsa wrote: > Not sure if others have seen this yet > > ------------------ > > > https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ > > "OpenSSH has a default value of six authentication tries before it will > close the connection (the ssh client allows only three password entries > per default). > > With this vulnerability an attacker is able to request as many password > prompts limited by the “login graced time” setting, that is set to two > minutes by default." > >
Does it produce multiple entries in the server logs? I'm curious if sshguard etc would detect this. If I understand what's going on, this might appear as if it's a single "session" and be able to bypass pf overload rules. I'll have to play around with it and see what it does. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
