Techinvasion.net » ssh http://www.techinvasion.net Tue, 13 Jul 2010 15:44:15 +0000 en hourly 1 http://wordpress.org/?v=3.0 SSH Brute Force Mitigation in Junos http://www.techinvasion.net/2009/11/11/ssh-brute-force-mitigation-in-junos/ http://www.techinvasion.net/2009/11/11/ssh-brute-force-mitigation-in-junos/#comments Thu, 12 Nov 2009 01:20:38 +0000 john http://www.techinvasion.net/?p=152 I have several Juniper SRX-210 devices configured in remote offices. One of the biggest problems I have is that there are a lot of people that are constantly running scripts against the ssh daemon. Now I could lock it down to only a specified list of allowed IP addresses. This would be the most secure method but i have a business requirement of being able to connect to this device from many different location. There is a command you can use to mitigate brute force attempts.

The command limits the number of ssh attempts per minute per source ip to 2. Just enough incase you make a mistake during login, but not enough for a script kiddie to run 500 attacks a minute against your firewall.

services {
   ssh {
     rate-limit 2;
  }
}
]]> http://www.techinvasion.net/2009/11/11/ssh-brute-force-mitigation-in-junos/feed/ 2