++-----Original Message----- ++From: [EMAIL PROTECTED] [mailto:plug- [EMAIL PROTECTED] On Behalf Of Ariz C. Jacinto ++Sent: Friday, July 29, 2005 1:44 PM ++To: Gideon N. Guillen; The Main Philippine Linux Users' Group (PLUG) ++Discussion List ++Subject: Re: [plug] SSH Bruteforce Activity ++ ++ ++>Yes, but most of these brute force attacks are done by script-kiddies ++>only. And they rarely scan for sshd listening on other port. Most of ++>the time, if they try to brute force attack sshd on a non-standard ++>port, they're really serious in getting your machine 0wn3d. If that's ++>the case, they're not script-kiddies anymore. Anyway, combining this ++>with iptables/host.deny+allow whitelist (allow only trusted host) will ++>do. ++> ++ ++interesting. but dont they scan first before launching their scripts? [<-----snip----->] well, if they were script kiddies, they wouldn't bother wasting time scanning for your ssh port, unless there was something they *really, REALLY* wanted. If they weren't script kiddies, I don't think that they'd resort to brute force (leaves too many tracks).
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List plug@lists.linux.org.ph (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
