Network Security: Detailed info on Re: shutting down dictionary attacks

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: shutting down dictionary attacks

from [LD] Network Security

[Permanent Link]

Subject:	Re: shutting down dictionary attacks
Date:	Tue, 5 Jul 2005 02:56:25 -0000 (HST)

On Mon, Jul 04, 2005 at 11:03:15AM -0500, Brian J. Woods wrote:

Look at documentation for sshd for StrictMode, the time writing this I
didn't have the time. Also MaxAuthTries, try changing the value from the
one you have to see if that changes things a bit. I think the problem
you have is not so trivial, but this should be an interesting thread on
ways to handle this.


The default for StrictMode is "yes" -- but it just checks users files to
determine if they're world writeable.  I'm not sure how it would apply.

I'm setting MauxAuthTries to 1, the default is 6.

You're right.  This is certainly interesting.


The only problem with setting the max to 1 is that if you're running an
SSH key agent, your SSH program may attempt key authentication.  Each key
in the ring counts as 1 authentication try, so this could possibly cut you
off if you use keys.  Just a warning ;)  Easily fixed.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
shutting down dictionary attacks, Josh Grosse Message not available Re: shutting down dictionary attacks, Josh Grosse Message not available Re: shutting down dictionary attacks, Josh Grosse Re: shutting down dictionary attacks, Guillaume Vissian Re: shutting down dictionary attacks, Brian J. Woods Re: shutting down dictionary attacks, Guillaume Vissian Re: shutting down dictionary attacks, Guillaume Vissian Re: shutting down dictionary attacks, LD <= Re: shutting down dictionary attacks, Josh Grosse Re: shutting down dictionary attacks, Nathan Jackson Message not available Re: shutting down dictionary attacks, Josh Grosse Re: shutting down dictionary attacks, Guillaume Vissian Re: shutting down dictionary attacks, Josh Grosse Re: shutting down dictionary attacks, Brian J. Woods Re: shutting down dictionary attacks, Bartosz Krajnik Re: shutting down dictionary attacks, apacheroot RE: shutting down dictionary attacks, Mojito Jones Re: shutting down dictionary attacks, Brian J. Woods

Previous by Date:	Re: shutting down dictionary attacks, Brian J. Woods
Next by Date:	Re: shutting down dictionary attacks, Guillaume Vissian
Previous by Thread:	Re: shutting down dictionary attacks, Guillaume Vissian
Next by Thread:	Re: shutting down dictionary attacks, Josh Grosse
Indexes:	[Date] [Thread] [Top] [All Lists]