[Info-vax] SSH on VAX - performance impact of break in attempts
urbancamo
mark at wickensonline.co.uk
Wed Aug 25 02:17:37 EDT 2010
On Aug 25, 7:11 am, Ken Robinson <kenrb... at gmail.com> wrote:
> On Aug 25, 1:53 am, urbancamo <m... at wickensonline.co.uk> wrote:
>
>
>
> > Good morning,
>
> > I have a VAX running Multinet V5.3 under a hobbyist license which has
> > an SSH server running to allow access for selected remote users. I've
> > been experiencing a number of break in attempts lately, generally
> > lasting for several hours each. Each attempt causes the SSH server to
> > utilise 100% CPU for about 20 seconds (on a VAXstation 4000/90) - this
> > is having a negative impact for users on overall system performance. I
> > am using the SSH2 server.
>
> > I have attempted a number of strategies to reduce this impact:
>
> > 1. I have defined an AllowUsers list so only named users are allowed.
> > 2. I have set AuthInteractiveFailureTimeout to 30 so that there is a
> > 30 second delay between login attempts from the same host/session.
> > 3. I have set RequiredAuthentications to publickey,password so that
> > both a password and a valid public key are required.
>
> > Unfortunately none of these strategies reduce the length of 100% CPU
> > utilisation for failed login attempts.
>
> Change the port for SSH to something other than the default of 22 (and
> tell the real users of the change). This should eliminated 99% of the
> breakin attempts.
>
> Ken
Thanks Ken,
Yes, that's a good idea.
Mark.
More information about the Info-vax
mailing list