-5

Assuming ssh brute force attacks.

Assuming the following IPTABLES configuration:

DROP       tcp  --  anywhere             anywhere             tcp dpt:ssh state NEW recent:     UPDATE seconds: 120 hit_count: 10 TTL-Match name: sshprobe side: source
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh state NEW recent: SET name: sshprobe side: source
Mladen Adamovic
  • 569
  • 1
  • 3
  • 14
  • 3
    IMO you are better served mitigating brute force attacks, rather than hoping your password is "strong enough". 1.) Move SSH off default port 2.) Install & configure fail2ban (or similar) 3.) If possible, restrict incoming SSH access to trusted IPs 4.) Use keypairs instead of passwords [Doing these items will DRASTICALLY decrease your attack surface & vulnerability to brute forcing.] – jlehtinen Jan 29 '15 at 19:22

1 Answers1

3

Password authentication at its best is never secure enough. The idea of password authentication is fundamentally outdated and flawed.

The comment on your question is correct, change default port, etc. But also move to key and passphrase authentication.

Another option, if you can configure it this way is to only allow your ssh connection through your firewall through a static ip.

Gravy
  • 770
  • 1
  • 5
  • 17