force attack tool for SSH. It's quite a simple tool, the author
having built the dictionary into the code rather than relying on
external dictionary files. I still get the impression that it will
be effective against those systems with poor configurations and
weak passwords (there's more of them than you think).
Countermeasures:
- edit the SSH config to limit who can log in via SSH (hint: root should not be one of these)
- configure your IP filters (routers, IPFW, IPTables, etc.) so that only certain IPs can connect with SSH
- consider using SKey, user-level keys, Kerberos or some other type of authentication
- turn off the default username/password authentication.
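
One way to check an `sshd_config` against the SSH-config items in the list above, as an added example that is not from the original post. It audits only the global section (everything before the first `Match` block); the sample configs and the account names `alice` and `bob` are constructed.

```python
# Values sshd falls back to when a keyword is absent (OpenSSH 7.0 and later).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}

def parse_global(text):
    """Return {keyword: value} for the settings above the first Match block."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break  # per-user/per-host overrides are out of scope here
        # sshd keeps the first value it reads for a keyword; so do we.
        settings.setdefault(key, value)
    return settings

def audit(text):
    """Return a list of findings; an empty list means all three checks pass."""
    cfg = {**DEFAULTS, **parse_global(text)}
    findings = []
    if cfg["permitrootlogin"].lower() != "no":
        findings.append("root can log in over SSH (PermitRootLogin %s)" % cfg["permitrootlogin"])
    if cfg["passwordauthentication"].lower() != "no":
        findings.append("password authentication is enabled")
    if "allowusers" not in cfg and "allowgroups" not in cfg:
        findings.append("no AllowUsers/AllowGroups restriction")
    return findings

WEAK = """\
# constructed sample: the later 'no' is ignored because the first value wins
PasswordAuthentication yes
PermitRootLogin yes
PasswordAuthentication no
"""

HARDENED = """\
# constructed sample; 'alice' and 'bob' are placeholder accounts
PermitRootLogin no
PasswordAuthentication no
AllowUsers alice bob
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "ok")
```

The IP-filter countermeasure lives in the firewall rules rather than in `sshd_config`, so this check does not cover it.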