Re: Is there an openssh security problem?


On 07/10/2009 02:59 PM, Rainer Duffner wrote:
> Brute-forcing has long-since started to go distributed, fooling fail2ban
> and similar scripts with just 3 or 4 checks per single source-host.

I've never been a big fan of either denyhosts or fail2ban; both of them
are just making it easier for someone else to DDoS you, and achieve
little in terms of the real problem. As you said here, the brute forcing
has gone into the spam-botnets a long time back.

As an example: one of my machines got ssh attempts from > 3500
different IPs in under an hour a few weeks back.

pam_shield and similar solutions offer a slightly gentler way to
implement similar stuff, but iptables and perhaps a creative netlabels
solution to lock in what you need and how you need it is a far better
solution.

- KB
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
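
The point made in this message and in the quoted text, as an added example that is not part of the original thread: a per-source failure counter of the kind fail2ban and denyhosts use stays silent when each host makes only 3 attempts, while counting distinct sources inside a sliding window exposes the distributed pattern. The log lines are constructed, the addresses come from the TEST-NET-3 documentation range, and the thresholds (`max_retry`, `window`, `min_sources`) are assumed values.

```python
import re
from collections import Counter, deque
from datetime import datetime, timedelta

FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def parse(lines, year=2009):
    """Yield (timestamp, user, source_ip) for each sshd failed-password line."""
    for line in lines:
        m = FAIL_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def per_source_hits(events, max_retry=5):
    """Per-source view: addresses with at least max_retry failures (assumed threshold)."""
    counts = Counter(ip for _, _, ip in events)
    return {ip for ip, n in counts.items() if n >= max_retry}

def distributed_windows(events, window=timedelta(minutes=10), min_sources=20):
    """Return (time, distinct_sources) whenever a sliding window holds many sources."""
    recent, alerts = deque(), []
    for ts, _user, ip in sorted(events):
        recent.append((ts, ip))
        while recent and ts - recent[0][0] > window:
            recent.popleft()  # drop failures older than the window
        sources = {i for _, i in recent}
        if len(sources) >= min_sources:
            alerts.append((ts, len(sources)))
    return alerts

def sample_log(n_sources=40, tries=3):
    """Constructed log: n_sources hosts, `tries` failures each, one every 4 seconds."""
    lines = []
    for k in range(n_sources):
        for t in range(tries):
            sec = (k * tries + t) * 4
            lines.append(
                f"Jul 10 14:{sec // 60:02d}:{sec % 60:02d} host sshd[{1000 + k}]: "
                f"Failed password for invalid user admin from 203.0.113.{k + 1} port 40000 ssh2"
            )
    return lines

if __name__ == "__main__":
    events = list(parse(sample_log()))
    print("per-source:", per_source_hits(events), "first alert:", distributed_windows(events)[0])
```

A distinct-source alert like this is a signal for tightening access with iptables rules, not an input for automatic per-address bans.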
