Damien Miller wrote: > Anti-authentication brute force scripts should probably look for actual > auth attempts rather than connections; those are well-mitigated by > MaxStartups already... Hmm, looking at the man-page this does not use the source IP. So an active MaxStartups setting can easily be abused for low-level DoS attack locking out the real admin accessing SSH demon from its e.g. internal IP. AFAICT most other tools set limits based on source IP. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev