Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Bruteforce attack on my pc
Top Forums UNIX for Dummies Questions & Answers Bruteforce attack on my pc Post 302140601 by cbkihong on Monday 15th of October 2007 12:07:02 AM
Old 10-15-2007
Probably the simplest way is not to block individual IPs but to switch SSH to a higher and obscure port number, switch to an exclusive public key authentication model, and only allow explicit blocks of IP to access if possible. Blocking IPs are usually futile because these IPs most often do not represent the real cracker's IP. They just crack into many vulnerable systems and use those as shields to break in others' systems for one-time only and so the list is essentially infinite, and you will see new IPs emerge every day. They have many of these victim hosts at their disposal so if you block one they simply switch to another.
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

2. Cybersecurity

What I think is a DoS attack

About 3 days ago our Apache logs started filling with the following errors: mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows) OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies

3. Cybersecurity

Found attack from

Hi, I have a belkin router installed and a look at the security log has got me worried a little bit. Security log: Fri Jan 29 20:41:46 2010 =>Found attack from 68.147.232.199. Source port is 58591 and destination port is 12426 which use the TCP protocol. Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies

4. Cybersecurity

Network attack - so what?

In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies

5. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

6. UNIX for Dummies Questions & Answers

I need a database and a plan of attack!

Hi everyone, I've got an extensive collection of seismic files that I am trying to turn into workable subsurface data collection. It's all real-time history and it is being loaded onto the main linux computer from a collection of about 1000 CDs. There are about 4000 seismic files on each CD, and... (3 Replies)
Discussion started by: ws6transam
3 Replies

7. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

LEARN ABOUT POSIX

sftp-server

sftp-server(1M) 					  System Administration Commands					   sftp-server(1M)

NAME

       sftp-server - SFTP server subsystem

SYNOPSIS

       /usr/lib/ssh/sftp-server

DESCRIPTION

       sftp-server implements the server side of the SSH File Transfer Protocol as defined in the IETF draft-ietf-secsh-filexfer.

       sftp-server is a subsystem for sshd(1M) and must not be run directly. There are no options or config settings.

       To enable the sftp-server subsystem for sshd add the following to /etc/ssh/sshd_config:

       Subsystem   sftp     /usr/lib/ssh/sftp-server

       See sshd_config(4) for a description of the format and contents of that file.

       There is no relationship between the protocol used by sftp-server and the FTP protocol (RFC 959) provided by in.ftpd.

EXIT STATUS

       The following exit values are returned:

       0	Successful completion.

       >0	An error occurred.

FILES

       /usr/lib/sftp-server

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshdu 		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       sftp(1), ssh(1), ssh-add(1), ssh-keygen(1), sshd(1M), sshd_config(4), attributes(5)

       To  view  license  terms,  attribution,	and  copyright	for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the
       Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the installed
       location.

AUTHOR

       Markus Friedl

SunOS 5.10							    30 Jul 2003 						   sftp-server(1M)
All times are GMT -4. The time now is 12:27 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy