Protecting SSH at the Transport Layer

SSH daemons are common targets for brute force attacks. Through log monitoring and firewalling, the impact of these attacks on both security and bandwidth consumption can be minimised. The authors consider a number of implementations and employ Stockade as a backend to SSHGuard for blocking attackers. The SSH daemon provides secure remote log in facilities and may be thought of as an encrypted version of telnet. It is often used to allow remote system administration. Despite the inherent security features of the SSH protocol, common user names combined with poor passwords leaves a system extremely vulnerable.