version-new-1.png

SSH BRUTEFORCE

shape
shape
shape
shape
shape
shape
shape
shape

SSH BRUTEFORCE ATTACK: How to defend against it effectively?

Hackers frequently target Linux servers and try to bruteforce the ssh daemon running on it.  If the root password that you have set is weak , the hackers would quickly gain access to your Linux server and your machines could be part of wider bot network, launching ddos attacks , sniffing, and doing other nefarious activities without the system administrator knowing about it.
The best ways to defend are :

  1. Disable password based authentication and use only Key based
    authentication which is the most effective method to beat bruteforce
    attacks.
  2. In case you have to enable password based authentication for some
    reason, do drop all ssh traffic to your server by default and Allow only
    the ips that you know would be accessing your server in ssh.
  3. Use the AllowUsers directive in the ssh configuration to only allow
    certain users or IP’s. In /etc/ssh/sshd_config, you can specify a list
    of allowed users like this:
				
					AllowUsers rick@98.122.22.2 
           root@126.22.10.1
				
			

        This will allow only the user rick to ssh from the ip 98.122.22.2 and the user root can ssh only from 126.22.10.1

     4. Set super strong password that are more than 10 characters long. Ezeelogin SSH jumphosts password management feature would help you set 30 character long complex passwords.

      5. Frequently reset the passwords once a day. The password management feature in Ezeelogin ssh gateway would do that automatically for you at the click of a button.

Leave a Reply

Your email address will not be published. Required fields are marked *

Others