SSH Brute Force attack again!

open-safe1
Security Experts at sans warns IT Managers from a new type of SSH attack that can lead to compromise the server and open an administrator session on it.

The Sans researchers warns of brute force-attack with objective to find usernames and passwords on the targeted servers. According to Daniel Wesemann at SANS Internet Storm Center who is looking that all SSH users take this seriously by the following warning :

If you are running any SSH server open to the Internet, and your usernames and passwords aren’t at least 8 characters or so, your box is either owned by now, or about to be. It doesn’t matter one bit what sort of device it is – those who run these scans have proven to be equally apt at taking over a Cisco router as they are at subverting an iMac.

You can find here some pointers on securing SSH.

So minimize the risk disable anything you don’t need.monitor all suspicious activity. Secure your stuff and Keep working.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Share