Re: Unknown rootkit causes compromised servers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Jan 28, 2008 10:14 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
> Craig White wrote:
> >>
> >> We will work also with the Red Hat Security team and see if we can
> >> isolate any issues that might be FIXABLE.
> > ----
> > doesn't this almost beg for upstream to make denyhosts a base install
> > and automatically on, just as sshd is automatically on?
>
> I've always wondered why a program like sshd didn't rate-limit
> connection attempts from day one.  It's not exactly a new concept,
> especially for a security-oriented program.

It's a question of scale. For some systems, 30 people logging in is
too many. For others, it's 3000. There is no 'right' default value. It
should be (and is) left up to the admin and iptables.


-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux