2007-10-06 09:31:38
By Tim Brown
I've just been reading Russell Coker on reducing automated attacks against SSH and I must say, his timing couldn't have been worse :/. SSHatter now supports arbitrary ports which largely nullifies his suggestion to change the SSH listening port. Anyway, that isn't the only change I've made in SSHatter 0.6, it will now optionally time login attempts in attempt to enumerate users as described here. I've put together my thoughts in a response on Russell's blog but essentially, investigate the AllowUsers and PasswordAuthentication directives in sshd_config if you really want to reduce these attack.
Mood: Party
Music: Nothing playing right now
You are unknown, comment