Re: shutting down dictionary attacks

With reflexion PAM is for sure responsible of this, i think the sshd
is still connected to PAM who is responsible of password login, i
think that disconnect sshd from PAM maybe a way to stop those kind of
attack, another way is that script kiddies directly launch a password
AND login command and due to the config are immediately rejected, but
it's log. A way to stop that attacks is to run sshd on another port
and to hide it, but i don't know how you can hidden sshd...

2005/7/4, Josh Grosse <josh@jggimi.homeip.net>:
> On Mon, Jul 04, 2005 at 11:03:15AM -0500, Brian J. Woods wrote:
>
> > Look at documentation for sshd for StrictMode, the time writing this I
> > didn't have the time. Also MaxAuthTries, try changing the value from the
> > one you have to see if that changes things a bit. I think the problem
> > you have is not so trivial, but this should be an interesting thread on
> > ways to handle this.
>
> The default for StrictMode is "yes" -- but it just checks users files to
> determine if they're world writeable.  I'm not sure how it would apply.
>
> I'm setting MauxAuthTries to 1, the default is 6.
>
> You're right.  This is certainly interesting.