28 February 2006
Stuff We've Learned: Mitigating SSH Brute Force Attacks
by micahToday I got a burr in my saddle again about SSH brute force attacks after finding thousands of attacks from a single machine against a couple of our network hosts. Unable to find a suitable solution, I went ahead and wrote my own.
R-fx Networks - Internet Security Solutions - Projects ยป BFD
by micahBFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straight-forward in its installation, configuration and usage. The reason behind BFD is very simple; the fact there is little to no authentication and brute force auditing programs in the linux community that work in conjunction with a firewall or real-time facility to place bans.
sshdfilter V1.4.3 ssh brute force attack blocker
by micah (via)sshdfilter blocks the frequent brute force attacks on ssh daemons, it does this by directly reading the sshd logging output and generating iptables rules, the process can be quick enough to block an attack before they get a chance to enter any password at all.
30 January 2006
The Six Dumbest Ideas in Computer Security
by micah & 1 otherLet me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good ideas. They come from misguided attempts to ignore reality. These dumb ideas are the fundamental reason(s) why all that money you spend on information security is going to be wasted.
1
(4 marks)