

Defending against SSH brute force attacks - IgnitionWeb
http://ignitionweb.posterous.com/49335013

======
nuclear_eclipse
I think what the author fails to realize is that this isn't a targetted attack
by a single group, but rather a mass of unfocused attempts to catch low-
hanging fruit anywhere on the internet they can find it. Not to say that the
hardening efforts aren't worth it, but that there's a difference between a
bunch of automated attacks against "common" username and password combinations
and a focused brute-force attack.

I just disable password-auth, install fail2ban, and call it a day.

------
originalgeek
I have found the suite of "projects" from R-fx Networks to be fairly effective
and easy to deploy:

<http://www.rfxn.com/projects/>

~~~
IgnitionWeb
nice find

------
nodata
How can this stuff get voted to the top every week?

100 different ways to write "Install a firewall and use fail2ban/denyhosts. Oh
and make sure you sshd config is sane."

