[Info-vax] SSH on VAX - performance impact of break in attempts
VAXman- at SendSpamHere.ORG
Wed Aug 25 10:42:48 EDT 2010
In article <BpKdnaQjJc72k-jRnZ2dnUVZ_uKdnZ2d at earthlink.com>, Altivo Overo <tivo at altivo.org> writes:
>On Wed, 25 Aug 2010 12:00:31 +0000, VAXman- wrote:
>
>> Because only a fool would create a 'root' account or an 'administrator'
>> account on VMS *AND* give it privies. If such a fool should exist, he or
>> she deserves the wrath of whatever these password crackers can do! The
>> 12 character username prohibits the 'administrator' account.
>
>Some of them will try "operator" and "system" too. I stopped this
>nonsense by blocking it at the firewall before it gets to the OpenVMS
>system. SSH to that machine is possible only from specific originating
>address ranges. That solution works well here, but of course isn't
>practical for everyone. Non-dictionary passwords such as those created by
>the password generator facility are good protection against this sort of
>break-in, but won't keep them from trying.

When one is on the road, there's no way of knowing the IP address in a
great many cases. I've wanted to set up a block on the Cisco whereby a
"knock on the door" of a certain web page I'd set up would send an SNMP
command to the Cisco to add the IP to an ACL. Sadly, after speaking to
a number of Cisco engineers, there's no way to do this with SNMP.

I am not too worried. I use TCPIP Services and move the ssh port high
into the ephemeral port region. Also, I put a limit on the number of ssh
sessions/connections with the SET SERVICE /LIMIT command. Even if one
were to attack, the attack would be short-lived. ;)
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
All your spirit rack abuses, come to haunt you back by day.
All your Byzantine excuses, given time, given you away.
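
The "knock on the door" allow list discussed in this message, combined with the fixed address ranges from the quoted reply, as an added example (not code from the post or from any Cisco or TCPIP Services product). `KNOCK_KEY`, `sign_knock`, `KnockAllowList` and the timing values are assumptions made for illustration; the knock page is assumed to be served over HTTPS, and pushing the decision into a router ACL is not shown.

```python
import hashlib
import hmac
import ipaddress

KNOCK_KEY = b"constructed-demo-key"  # assumption: secret shared with the traveller
MAX_SKEW = 60     # seconds a signed knock stays valid
ENTRY_TTL = 3600  # seconds an admitted address stays on the allow list


def sign_knock(key, ts):
    """Token the client submits to the knock page: HMAC-SHA256 over a timestamp."""
    return hmac.new(key, str(int(ts)).encode(), hashlib.sha256).hexdigest()


class KnockAllowList:
    def __init__(self, key, static_ranges=()):
        self.key = key
        self.static = [ipaddress.ip_network(r) for r in static_ranges]
        self.dynamic = {}  # ip_address -> time the entry expires
        self.used = {}     # accepted token -> time it stops being replayable

    def knock(self, src_ip, ts, token, now):
        """Admit the connection's source address if the knock is fresh, authentic and unused."""
        self.used = {t: exp for t, exp in self.used.items() if exp > now}
        if abs(now - ts) > MAX_SKEW:
            return False  # stale or future-dated knock
        expected = sign_knock(self.key, ts)
        if not hmac.compare_digest(expected.encode(), str(token).encode()):
            return False  # wrong key or tampered token
        if token in self.used:
            return False  # a captured token cannot admit a second address
        self.used[token] = ts + MAX_SKEW + 1
        # The address comes from the connection itself, so the traveller
        # does not need to know it in advance.
        self.dynamic[ipaddress.ip_address(src_ip)] = now + ENTRY_TTL
        return True

    def allowed(self, src_ip, now):
        """Decision the SSH front-end filter would consult for a new connection."""
        ip = ipaddress.ip_address(src_ip)
        if any(ip in net for net in self.static):
            return True
        expiry = self.dynamic.get(ip)
        if expiry is None or expiry <= now:
            self.dynamic.pop(ip, None)  # drop expired entries lazily
            return False
        return True
```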