Re: [j-nsp] sshd log messages !!

2014-02-27 Thread Alex Arseniev
The filter the OP posted set firewall family inet filter Access term AllowSSH from address X.X.X.X/16 set firewall family inet filter Access term AllowSSH from address X.X.X.X/16 set firewall family inet filter Access term AllowSSH from address X.X.X.X/16 set firewall family inet filter Access ter

Re: [j-nsp] sshd log messages !!

2014-02-27 Thread Alex Arseniev
set firewall family inet filter Access term AllowSSH from address X.X.X.X/16 If X.X.X.X/16 includes any interface address of this router, then this filter is NOT going to stop attacks, no matter where applied. You should be much more specific in writing the match conditions. Below is an examp

Re: [j-nsp] sshd log messages !!

2014-02-27 Thread Phil Shafer
Ben Dale writes: >set system services ssh port <1024-65535> >... >maybe an "allow-sources" might be a bit more useful in this instance? Less >sophisticated users tend to shoot themselves in the foot with firewall filters quite >regularly. Would a firewall filter on lo0 be a better answer for

Re: [j-nsp] sshd log messages !!

2014-02-27 Thread Mark Tinka
On Thursday, February 27, 2014 02:13:42 PM Harri Makela wrote: > set interfaces ge-0/0/1 unit 0 family inet filter input > Access Your firewall needs to be configured on the Loopback interface, as that represents the router's control plane. > set interfaces lo0 unit 0 family inet filter input

Re: [j-nsp] sshd log messages !!

2014-02-27 Thread Harri Makela
Model: j6350 JUNOS Software Release [10.4R4.5] Following is the current configuration that we have for ssh:- set system login user xxx authentication ssh-rsa "ssh-rsa B" set system services ssh set security ssh-known-hosts host 10.x.x.x rsa-key set security ssh-known-hosts host 10.x.x.x

Re: [j-nsp] sshd log messages !!

2014-02-26 Thread Mark Tinka
On Thursday, February 27, 2014 01:14:26 AM Rodrigo Augusto wrote: > Protect your RE. Put a filter on your loopback and permit > only your networks to access this port(22). Yep. You really shouldn't let your SSH daemon have easy access to the world. Mark.

Re: [j-nsp] sshd log messages !!

2014-02-26 Thread Ben Dale
If you're stuck with password-based login (rather than SSH keys), leave yourself one go at missing your password, then increase the backoff-factor up to 10 to put a 10-second wait for guess number 3: set system services ssh root-login deny set system login retry-options backoff-threshold 2 set s

Re: [j-nsp] sshd log messages !!

2014-02-26 Thread Yucong Sun
Disabling root-login will render most attacks useless. On Wed, Feb 26, 2014 at 8:56 PM, Phil Shafer wrote: > Rodrigo Augusto writes: >>Protect your RE. Put a filter on your loopback and permit only your networks >>to access this port(22). > > Also consider disabling passwords completely. In 1

Re: [j-nsp] sshd log messages !!

2014-02-26 Thread Phil Shafer
Rodrigo Augusto writes: >Protect your RE. Put a filter on your loopback and permit only your networks to >access this port(22). Also consider disabling passwords completely. In 13.3 we introduced the [system services ssh no-passwords] flag that turns off password-based authentication, requirin

Re: [j-nsp] sshd log messages !!

2014-02-26 Thread Rodrigo Augusto
Protect your RE. Put a filter on your loopback and permit only your networks to access this port(22). Sent via iPhone Grupo Connectoway > On 26/02/2014, at 19:21, Harri Makela wrote: > > Hi There > > I am constantly getting these log messages for last few days:- > > sshd[21015]: Failed

Re: [j-nsp] sshd log messages !!

2014-02-26 Thread Dermot Williams
On Wed, Feb 26, 2014 at 02:21:46PM -0800, Harri Makela wrote: > Hi There > > I am constantly getting these log messages for last few days:- > > sshd[21015]: Failed password for root from X.X.103.152 port 21067 ssh2 > sshd[21016]: Received disconnect from X.X.103.152: 11: Normal Shutdown, Thank >

[j-nsp] sshd log messages !!

2014-02-26 Thread Harri Makela
Hi There I am constantly getting these log messages for last few days:- sshd[21015]: Failed password for root from X.X.103.152 port 21067 ssh2 sshd[21016]: Received disconnect from X.X.103.152: 11: Normal Shutdown, Thank you for playing Are these indicating any brute-force attack? Thanks HM