Linux.com: Protecting Linux Against Automated Attackers
Sep 23, 2005, 10:45 (8 Talkback[s])
(Other stories by Ryan Twomey)
"As many systems administrators will tell you, attacks from
automated login scripts specifically targeting common account names
with weak passwords have become a substantial threat to system
security, especially via SSH (a popular program that allows remote
users to log in to a Linux computer and execute commands locally).
Here are some common-sense rules to follow that can greatly improve
security, as well as several scripts to cut down on the computing
resources wasted by these attacks.
"Brute-force attackers use so-called dictionary attacks,
attempting many different login/password combinations in an attempt
to hit on one that matches. In most cases, these scripts use a
pre-programmed 'dictionary' of often-used account names..."