[j-nsp] SSH attack
Jonas Frey
jf at probe-networks.de
Wed Feb 20 18:18:52 EST 2008
Hello,
why dont you firewall the RE and let only clients from allowed ip ranges
in? Much easier...
Regards,
Jonas Frey
On Wed, 2008-02-20 at 21:15, Ying Zhang wrote:
> Hello, all,
>
> On our Juniper router, we constantly see people trying to connect through SSH. I've tried everything I can find to eliminate it. The following is what I've done so far. Just wondering if there is a better way to stop it on the router (we do block port ssh on every link). Thanks in advance.
>
> root-login deny;
> protocol-version v2;
> connection-limit 5;
> rate-limit 1;
>
> retry-options {
> tries-before-disconnect 2;
> backoff-threshold 2;
> backoff-factor 10;
> minimum-time 20;
> }
>
>
> C
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list