Contributed by jcr on from the port-knocking-on-heaven's-door dept.
Allan Jude, Kris Moore, and TJ of BSD Now have released Episode 007 where they throw James Bond down one of the internal shafts of the Death Star. Hopefully they won't start releasing prequels, but in this episode they also talk about the work of Peter N. M. Hansteen (pitrh@) using pf(4) to thwart slow, "low intensity," brute force attacks on sshd(8).
Peter gave a talk (with video) on the "The Hail Mary Cloud" brute force attacks at BSDCan 2013. He also gave a tutorial on pf(4) at EuroBSDCon 2013, and recently posted a summary of Lessons Learned from The Hail Mary Cloud on his blog. The blog post has a lot of great links to previous articles on slow brute force attacks on sshd(8) along with example datasets and logs.
(Comments are closed)