SSH Brute Force Mitigation

Unanswered Question
Oct 9th, 2007
User Badges:

How can I mitigate a brute force attack on my SSH server running IOS 12.4? Is there an ip inspect statement that can be added to disable connection attempts from an IP who has multiple failed login attempts?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Danilo Dy Tue, 10/09/2007 - 08:09
User Badges:
  • Blue, 1500 points or more

Hi,


The only solution is put an ACL for SSH/VTY access. Do not open SSH/VTY access to any.


Regards,

Dandy

Richard Burts Wed, 10/24/2007 - 11:41
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Michael


I am glad that you found that thread. I think that the login enhancements will do what you are looking for. Thanks for mentioning me in conjunction with this solution.


HTH


Rick

mlitka Wed, 10/24/2007 - 11:50
User Badges:

Rick -


No problem. Appreciate your participation here. I have been reading Terry Slattery's blog and he gave you a mention on Sunday. Are you blogging anywhere?


Thanks again,


Mike

Richard Burts Wed, 10/24/2007 - 11:58
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Mike


Thanks for reading and noticing Terry's blog. I have really enjoyed my association with him.


No I am not currently blogging anywhere.


HTH


Rick

Actions

This Discussion