Model: j6350
JUNOS Software Release [10.4R4.5]
Following is the current configuration that we have for ssh:-
set system login user xxx authentication ssh-rsa ssh-rsa B
set system services ssh
set security ssh-known-hosts host 10.x.x.x rsa-key
set security ssh-known-hosts host 10.x.x.x
On Thursday, February 27, 2014 02:13:42 PM Harri Makela
wrote:
set interfaces ge-0/0/1 unit 0 family inet filter input Access
Your firewall needs to be configured on the Loopback
interface, as that represents the router's control plane.
set interfaces lo0 unit 0 family inet filter input
Ben Dale writes:
set system services ssh port 1024-65535
...
maybe an allow-sources might be a bit more useful in this instance? Less sophisticated users tend to shoot themselves in the foot with firewall filters quite regularly.
Would a firewall filter on lo0 be a better answer for this?
set firewall family inet filter Access term AllowSSH from address X.X.X.X/16
If X.X.X.X/16 includes any interface address of this router, then this
filter is NOT going to stop attacks, no matter where applied.
You should be much more specific in writing the match conditions. Below is an
The filter the OP posted
set firewall family inet filter Access term AllowSSH from address X.X.X.X/16
set firewall family inet filter Access term AllowSSH from address X.X.X.X/16
set firewall family inet filter Access term AllowSSH from address X.X.X.X/16
set firewall family inet filter Access
Hi There
I am constantly getting these log messages for the last few days:-
sshd[21015]: Failed password for root from X.X.103.152 port 21067 ssh2
sshd[21016]: Received disconnect from X.X.103.152: 11: Normal Shutdown, Thank you for playing
Are these indicating any brute-force attack? Thanks
HM
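One way to answer that question from the log itself, added here as an example that is not part of the original thread: count `Failed password` events per source address inside a sliding time window. The syslog timestamp and hostname prefix, the documentation addresses, and the threshold and window values are assumptions; the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the format quoted in the post, with an assumed
# syslog timestamp/host prefix and documentation (RFC 5737) addresses.
SAMPLE_LOG = """\
Feb 26 14:21:40 rtr sshd[21015]: Failed password for root from 203.0.113.152 port 21067 ssh2
Feb 26 14:21:41 rtr sshd[21016]: Received disconnect from 203.0.113.152: 11: Normal Shutdown, Thank you for playing
Feb 26 14:21:43 rtr sshd[21019]: Failed password for root from 203.0.113.152 port 21101 ssh2
Feb 26 14:21:47 rtr sshd[21023]: Failed password for invalid user admin from 203.0.113.152 port 21150 ssh2
Feb 26 14:21:52 rtr sshd[21030]: Failed password for root from 203.0.113.152 port 21198 ssh2
Feb 26 14:21:58 rtr sshd[21037]: Failed password for root from 203.0.113.152 port 21240 ssh2
Feb 26 14:30:10 rtr sshd[21102]: Failed password for netops from 192.0.2.10 port 50312 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)

def find_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), year=2014):
    """Map each source with >= threshold failures inside any window to its stats."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year; supply one so parsing is unambiguous.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events[m["src"]].append((ts, m["user"]))
    flagged = {}
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[src] = {"failures": len(hits), "users": {u for _, u in hits}}
                break
    return flagged

if __name__ == "__main__":
    for src, info in find_bruteforce(SAMPLE_LOG).items():
        print(src, info["failures"], sorted(info["users"]))
```

A single mistyped password from a management host stays below the threshold, while a source cycling through usernames within seconds is flagged.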
On Wed, Feb 26, 2014 at 02:21:46PM -0800, Harri Makela wrote:
Hi There
I am constantly getting these log messages for the last few days:-
sshd[21015]: Failed password for root from X.X.103.152 port 21067 ssh2
sshd[21016]: Received disconnect from X.X.103.152: 11: Normal Shutdown, Thank you
Protect your RE. Put a filter on your loopback and permit only your networks to access this port (22).
Sent from iPhone
Grupo Connectoway
On 26/02/2014, at 19:21, Harri Makela harri_mak...@yahoo.com wrote:
Hi There
I am constantly getting these log messages for the last few days:-
If you're stuck with password-based login (rather than SSH keys), leave
yourself one go at missing your password, then increase the backoff-factor up
to 10 to put a 10-second wait for guess number 3:
set system services ssh root-login deny
set system login retry-options backoff-threshold 2
set