ArubaOS and Controllers

Reply
Frequent Contributor I
Posts: 67
Registered: ‎01-06-2011

Brute force ssh attacks on 3600 controller

Does the 3600, 5.0.3.0 controller have some way to block ssh brute force attacks? I am seeing many attempts to login with bogus accounts, is there a way to add these hosts to a black list or some way of blocking these attacks within the controller configuration?
Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: Brute force ssh attacks on 3600 controller

Please see the ArubaOS 5.x user guide, under "Configuring a Management Password Policy" to see what your options are.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 67
Registered: ‎01-06-2011

Re: Brute force ssh attacks on 3600 controller

It will only lockout the user for specified amount of time, once the time expires the attacker can keep attacking...
Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: Brute force ssh attacks on 3600 controller

Yes.

And any attacker who sees that SSH is open on a controller will not only attack from that ip address, but attack from others, as well. The only truly secure method is to not expose your controller on port 22 on the internet. You can also use public key cryptography as a login to the controller or a long and secure username and password.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: