[j-nsp] SSH attack
Kenneth Mix
kmix at transaria.com
Wed Feb 20 18:16:08 EST 2008
You could apply a filter on your loopback interface (RE filter) that
only allows SSH from specific destinations.
Ken
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Ying Zhang
Sent: Wednesday, February 20, 2008 1:15 PM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] SSH attack
Hello, all,
On our Juniper router, we constantly see people trying to connect
through SSH. I've tried everything I can find to eliminate it. The
following is what I've done so far. Just wondering if there is a better
way to stop it on the router (we do block port ssh on every link).
Thanks in advance.
root-login deny;
protocol-version v2;
connection-limit 5;
rate-limit 1;
retry-options {
    tries-before-disconnect 2;
    backoff-threshold 2;
    backoff-factor 10;
    minimum-time 20;
}
C
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
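
An added example, not part of the original thread: one way to write the loopback (RE) filter suggested in the reply, matching on the source address of the SSH client. The names protect-re, mgmt-ssh-sources and ssh-denied and the prefix 192.0.2.0/24 are placeholders chosen for illustration.

```junos
policy-options {
    /* Constructed sample: replace with your real management networks. */
    prefix-list mgmt-ssh-sources {
        192.0.2.0/24;
    }
}
firewall {
    family inet {
        filter protect-re {
            /* SSH from the management prefixes is accepted. */
            term ssh-allow {
                from {
                    source-prefix-list {
                        mgmt-ssh-sources;
                    }
                    protocol tcp;
                    destination-port ssh;
                }
                then accept;
            }
            /* Any other SSH to the routing engine is counted and dropped. */
            term ssh-deny {
                from {
                    protocol tcp;
                    destination-port ssh;
                }
                then {
                    count ssh-denied;
                    discard;
                }
            }
            /* Everything else (routing protocols, SNMP, ...) is left as-is. */
            term everything-else {
                then accept;
            }
        }
    }
}
interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input protect-re;
                }
            }
        }
    }
}
```

A Junos filter ends with an implicit discard, so the final accept term is what keeps routing protocols and other RE-bound traffic working. Committing with "commit confirmed" gives an automatic rollback if the filter cuts off your own session.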