Slashdot Mirror

← Back to Stories (view on slashdot.org)

SSH Password Gropers Are Now Trying High Ports

Posted by timothy on from the for-higher-love dept.

badger.foo writes "You thought you had successfully avoided the tiresome password guessing bots groping at your SSH service by moving the service to a non-standard port? It seems security by obscurity has lost the game once more. We're now seeing ssh bruteforce attempts hitting other ports too, Peter Hansteen writes in his latest column." For others keeping track, have you seen many such attempts?

2 of 349 comments (clear)

  1. Re:Just lock em out... by msauve · · Score: 5, Insightful

    If you lock out the account, and not the incoming host, then you simply provide a DoS mechanism to lock out legitimate users.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  2. Re:Don't rely on security-though-obscurity by AmiMoJo · · Score: 5, Insightful

    You might as well expire those banned IP addresses after a day because 99.97% of them are compromised machines on dynamic connections. Having a file that size just wastes computing resources (having to check every single one) and slightly increases the chance you won't be able to log in from some random place one day.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC