SSH Brute Force Mitigation

Unanswered Question
Oct 9th, 2007

How can I mitigate a brute force attack on my SSH server running IOS 12.4? Is there an ip inspect statement that can be added to disable connection attempts from an IP who has multiple failed login attempts?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Danilo Dy Tue, 10/09/2007 - 08:09

Hi,

The only solution is put an ACL for SSH/VTY access. Do not open SSH/VTY access to any.

Regards,

Dandy

Richard Burts Wed, 10/24/2007 - 11:41

Michael

I am glad that you found that thread. I think that the login enhancements will do what you are looking for. Thanks for mentioning me in conjunction with this solution.

HTH

Rick

mlitka Wed, 10/24/2007 - 11:50

Rick -

No problem. Appreciate your participation here. I have been reading Terry Slattery's blog and he gave you a mention on Sunday. Are you blogging anywhere?

Thanks again,

Mike

Richard Burts Wed, 10/24/2007 - 11:58

Mike

Thanks for reading and noticing Terry's blog. I have really enjoyed my association with him.

No I am not currently blogging anywhere.

HTH

Rick

Actions

This Discussion