27 Jan
2010
27 Jan
'10
9:55 p.m.
On Wed, 27 Jan 2010 11:03:59 -0800 Domenic Santangelo <domenics@gmail.com> wrote:
I'm hearing some complicated attack vectors being tossed around in here (password sniffing, mitm, etc) -- don't forget about a pretty simple one: dictionary attacks. I recently took over a project for a small-medium sized client and upon looking at the secure log noticed 50k+/day dictionary attacks against SSH. I installed fail2ban and now get 5-6 emails daily about brute-force hack attempts.
Disable password login and/or move the port. Otherwise you risk to see yourself closed out of your own box. What could be worse, you may even not be the one who closed the door. -- Ivan Sergio Borgonovo http://www.webthatworks.it