[TAG] ssh intruders

Mike Orr mso at oz.net
Sun Sep 4 23:38:05 MSD 2005


All right, these ssh intruders are getting irritating.

``Sep  4 12:11:54 [sshd] Invalid user staying from 61.83.223.11
Sep  4 12:11:56 [sshd] Invalid user hairless from 61.83.223.11
Sep  4 12:11:58 [sshd] Invalid user vitrics from 61.83.223.11
Sep  4 12:11:59 [sshd] Invalid user cloudy from 61.83.223.11
Sep  4 12:12:01 [sshd] Invalid user medulla from 61.83.223.11
Sep  4 12:12:02 [sshd] Invalid user pomp from 61.83.223.11
''

Is there any more satisfying way to tell them to go to hell besides 
turning off sshd?  I thought about moving sshd to a different port and 
putting something else on port 22, but what?  Something that pretends to 
accept a login and then times out?  Spew back 
"gotohellgotohellgotohell!!!" after every request?  (Put that in your 
decryption pipe and smoke it.)  An SSL-compatible Eliza program?  "Why 
did you say '15c402ff'?"   I'd send them 15 megabytes from /dev/urandom  
but that would use my bandwidth.
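
An added example, not part of the original message: one way to spot the pattern in the log excerpt above, by counting how many distinct invalid usernames each source address tries within a short window. The threshold, the 60-second window, the assumed year and the last two sample lines are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches the syslog format quoted in the post; other sshd builds word this differently.
LINE_RE = re.compile(
    r"^(\w{3})\s+(\d{1,2}) (\d\d:\d\d:\d\d) \[sshd\] "
    r"Invalid user (\S+) from (\d{1,3}(?:\.\d{1,3}){3})$"
)

def parse(line, year=2005):
    """Return (timestamp, user, source_ip), or None for unrelated lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    mon, day, clock, user, ip = m.groups()
    # Syslog omits the year, so the caller supplies it (assumption).
    ts = datetime.strptime(f"{year} {mon} {day} {clock}", "%Y %b %d %H:%M:%S")
    return ts, user, ip

def guessing_sources(lines, threshold=5, window=timedelta(seconds=60)):
    """Map source IP -> peak count of distinct invalid usernames in any window."""
    events = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        ts, user, ip = rec
        events[ip].append((ts, user))
    flagged = {}
    for ip, evs in events.items():
        evs.sort()
        best, start = 0, 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            best = max(best, len({u for _, u in evs[start:end + 1]}))
        if best >= threshold:
            flagged[ip] = best
    return flagged

# The first six lines are those quoted in the post; the last two are constructed.
SAMPLE = """\
Sep  4 12:11:54 [sshd] Invalid user staying from 61.83.223.11
Sep  4 12:11:56 [sshd] Invalid user hairless from 61.83.223.11
Sep  4 12:11:58 [sshd] Invalid user vitrics from 61.83.223.11
Sep  4 12:11:59 [sshd] Invalid user cloudy from 61.83.223.11
Sep  4 12:12:01 [sshd] Invalid user medulla from 61.83.223.11
Sep  4 12:12:02 [sshd] Invalid user pomp from 61.83.223.11
Sep  4 12:30:10 [sshd] Invalid user mike from 192.0.2.7
Sep  4 14:02:41 [sshd] Invalid user mike from 192.0.2.7
""".splitlines()

if __name__ == "__main__":
    for ip, n in guessing_sources(SAMPLE).items():
        print(f"{ip}: {n} distinct invalid usernames within 60s")
```

Counting distinct usernames rather than raw failures keeps a legitimate user who mistypes one login name from being flagged alongside a dictionary run.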
