Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Deliberately create slow SSH response?

from [Michael G. Reed] Network Security [Permanent Link]
Subject: RE: Deliberately create slow SSH response?
Date: Thu, 10 Jul 2008 15:47:30 -0400 (EDT) 
        Thought of moving to a different port?  Granted, if they
port-sweep your IP, they might find where you've moved off to, but it
will cut WAY down on the hits (especially if you pick something from
the well-known list that is normally innocuous, like, oh, port 1, 70,
179, etc.), and it's a one-line change to your sshd_config (well, that
and training yourself to ssh onto the other port... '-p' or '-P'
options depending on what you're trying to do).

-Michael

|> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
|> On Behalf Of Zembower, Kevin
|> Sent: Wednesday, July 09, 2008 12:56 PM
|> To: secureshell@securityfocus.com
|> Subject: Deliberately create slow SSH response?
|> 
|> This might seem like a strange question to ask, but is there a way to
|> deliberately create a slow response to an SSH request? I'm annoyed at
|> the large number of distributed SSH brute-force attacks on a server I
|> administer, trying to guess the password for 'root' and other accounts.
|> I think that my server is pretty secure; doesn't allow root to log in
|> through SSH, only a restricted number of accounts are allowed SSH
|> access, with I think pretty good passwords. But still, the attempts
|> annoy me.
|> 
|> I wouldn't mind if SSH took say 30 seconds to ask me for my password.
|> This would slow the attempts. Is there any way to configure OpenSSH to
|> do this? I searched the archives of this group with 'slow' and 'delay'
|> but didn't come up with anything on this topic. Please point it out to
|> me if I overlooked anything. In addition, I can limit the number of SSH
|> connections to 3-5 and still operate okay. 
|> 
|> Ultimately, I need this solution for hosts running OpenSSH_3.9p1 under
|> RHEL ES 4 and OpenSSH_4.3p2 under Debian 'etch' 4.0 and Fedora Core 6.
|> 
|> Thanks in advance for your advice and suggestions.
|> 
|> -Kevin
|> 
|> Kevin Zembower
|> Internet Services Group manager
|> Center for Communication Programs
|> Bloomberg School of Public Health
|> Johns Hopkins University
|> 111 Market Place, Suite 310
|> Baltimore, Maryland  21202
|> 410-659-6139
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Deliberately create slow SSH response?, Christian Grunfeld
Next by Date:  RE: Deliberately create slow SSH response?, Iacob, George M
Previous by Thread:  RE: Deliberately create slow SSH response?, Wilson, Richard E
Next by Thread:  Re: Deliberately create slow SSH response?, Ben Ford
Indexes:  [Date] [Thread] [Top] [All Lists]