Am 09.01.2015 um 15:59 schrieb Alexander Ploumistos:
On Fri, Jan 9, 2015 at 4:51 PM, Reindl Harald wrote:you achieve nothing than cluttered logs from continued dictionary attacks with such a setup even if it would be possible and that has the security implication burry interesting lines in noise Oh, I agree with you, but it would be quite nice to have in a honeypot, combined with sshd listening on port 22, so I'm still curious if it is feasible (and how)
for that i would seek a dedicated honeypot-service listening on port 22 with it's own logging and have the real sshd with key-only auth on a non-default port
https://code.google.com/p/kippo/ https://github.com/desaster/kippothat has also the benefit even in case of a bug in sshd itself that you have all the crap on a different code base not be real sshd at all
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
