What is a SSH Brute force attack
SSH Brute force attack
Vulnerable computer systems and applications:
Linux servers.
Description:
SSH Brute force attack is an attempt to guess server login credentials by inserting random sequences of characters and frequently used combinations. For this purpose, various software tools are used which, depending on the system’s security level, could allow up to several thousand guesses per minute. It’s easy to get into a system if the standard SSH port 22 is used, and the account password is straightforward or very similar to the login name.
Recommendations:
- Replace the standard SSH port 22 with another;
- Don’t use popular account names like admin, test, etc.;
- Use strong passwords with random letters and numbers;
- Do not use birth date, name, nickname, or other words that are easy to guess in your password;
- Set up the system to allow connection only from identified IP addresses;
- Set the maximum number of failed connections over a certain time interval;
- Use SSH keys (SSH keys).