1021
Brute force protection (rytter.me)
submitted 1 year ago by anders@rytter.me to c/memes@lemmy.ml
111 comments fedilink hide all child comments

Brute force protection

@memes

you are viewing a single comment's thread
view the rest of the comments
[-] Pacmanlives@lemmy.world 14 points 1 year ago

I remember in college editing OpenSSH source code to instead of return wrong password to a root shell prompt just to stop brute force attacks

[-] 0x0@lemmy.dbzer0.com 5 points 1 year ago

A honeypot!

[-] ReakDuck@lemmy.ml 4 points 1 year ago* (last edited 1 year ago)

But... arent they logged in as root then? Wdym with "prompt" i am lost

[-] anders@rytter.me 1 points 1 year ago

@Pacmanlives
Couldn't you just disable root login in the sshd config?

[-] Pacmanlives@lemmy.world 2 points 1 year ago

Oh all of my configs are deny root ssh login or without-password. I noticed a significant decrease in scans when returning a root prompt when I did that. This was also in the mid 2000s so who knows how things would be in this day in age for a reduction in scans

[-] anders@rytter.me 2 points 1 year ago

@Pacmanlives
So it was a fake root prompt which tricked the bots into believing that they logged in successfully but in reality the prompt could do nothing on the system?

this post was submitted on 13 Mar 2024
1021 points (96.9% liked)

Memes

50025 readers
360 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 6 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml