Free Fire Zone: When life hands you a lemon, make a vodka and tonic.


We just checked the authentication logs on one of my BSD boxes and discovered several attempts at a brute-force dictionary attack. In a dictionary attack, a list of common user name and password combinations is scripted against a computer with an OpenSSH port.

Our first reaction after reading a report on the story at Slashdot was that we didn't even know we had authentication logs; we thought all login attempts went to the general log, messages.

All the attempts at root logins failed because root logins are prohibited on fresh FreeBSD installations. There are several things that can be done to temper this sort of activity.

One is to limit login attempts to two, down from 10, and the other is to limit the time allowed to log in to 15 seconds, down from the 120-second default. This combo should temper attacks. At least that is the plan.

As a technical matter only, it is interesting to note that nearly all attempts we found were from South Korea, China, France and Seattle. There was one attempt from ThePlanet, in Dallas, a web hosting company and a known favorite of jihadi types. As soon as we gather more info we will be contacting someone to let them know what is going on.

We will soon begin to grep those IP numbers into a database and have it available for all to see.
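An added example, not part of the original post: one way to pull failed sshd password attempts out of the authentication log into a small SQLite database and rank the source addresses. The log lines are constructed samples using documentation-range addresses, and the table and function names are assumptions.

```python
import re
import sqlite3

# Constructed sample in the syslog style sshd writes to the authentication log.
# Addresses come from the RFC 5737 documentation ranges, not real hosts.
SAMPLE_LOG = """\
Jul 12 03:14:07 bsdbox sshd[4121]: Failed password for root from 203.0.113.5 port 4321 ssh2
Jul 12 03:14:09 bsdbox sshd[4123]: Failed password for illegal user admin from 203.0.113.5 port 4330 ssh2
Jul 12 03:14:11 bsdbox sshd[4125]: Failed password for invalid user test from 203.0.113.5 port 4338 ssh2
Jul 12 03:20:42 bsdbox sshd[4140]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Jul 12 04:01:15 bsdbox sshd[4188]: Failed password for root from 198.51.100.77 port 39001 ssh2
Jul 12 04:01:18 bsdbox su: alice to root on /dev/ttyp0
"""

# Older sshd logs "illegal user", newer "invalid user". The user group is
# greedy and the pattern is anchored at end of line, so a user name that
# itself contains " from <addr> port <n>" cannot spoof the recorded source.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: Failed password for "
    r"(?:(?:invalid|illegal) user )?(?P<user>.*) from (?P<ip>\S+) "
    r"port \d+(?: ssh\d)?\s*$"
)

def load_failures(log_text, db):
    """Insert one row per failed sshd password attempt; return rows added."""
    db.execute("CREATE TABLE IF NOT EXISTS failures (ts TEXT, user TEXT, ip TEXT)")
    rows = [(m["ts"], m["user"], m["ip"])
            for m in map(FAILED.match, log_text.splitlines()) if m]
    db.executemany("INSERT INTO failures VALUES (?, ?, ?)", rows)
    db.commit()
    return len(rows)

def top_sources(db):
    """Return (ip, attempts, distinct_users) rows, most attempts first."""
    return db.execute(
        "SELECT ip, COUNT(*), COUNT(DISTINCT user) FROM failures "
        "GROUP BY ip ORDER BY COUNT(*) DESC, ip"
    ).fetchall()

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")  # pass a file path to keep history
    print(load_failures(SAMPLE_LOG, db), "failed attempts")
    for ip, attempts, users in top_sources(db):
        print(f"{ip:15} attempts={attempts} users={users}")
```

An address that tries many distinct user names in a short span is the dictionary pattern described above.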

It has been 5754 days since this story was posted.