Re: Bringing back tcp wrappers


On Wed, Jun 23, 2021 at 06:15:12PM +0200, Thorsten Glaser <t.glaser@xxxxxxxxx> wrote:

> On Wed, 23 Jun 2021, Saint Michael wrote:
> 
> > why do we need to ruin the lives of millions of security officers?
> > I got hacked in 72 servers this week, they installed Bitcoin miners.
> 
> Uhm… just use a firewall? For example pf can easily handle
> permitting access to SSH by host via tables.
> 
> bye,
> //mirabilos

You can even have a little script that parses /etc/hosts.allow
(even if sshd itself doesn't consult it), and creates firewall
rules based on its contents. That way, it doesn't matter if the
firewall is briefly down. Debian's sshd uses libwrap but I do
this anyway because it's an easy way to manage the firewall,
and because it dramatically reduces the sshd logs.

cheers,
raf

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
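
The kind of script raf describes, sketched as an added example (not from the thread and not any poster's own script): it reads hosts_access(5)-style entries for sshd and prints matching firewall rules. The use of iptables/ip6tables, the function names and the sample file are assumptions made for illustration; entries that cannot be expressed as a source-address rule (hostnames, wildcards, `EXCEPT`, `deny`) are reported instead of translated.

```python
import ipaddress
import re

# Constructed sample in hosts_access(5) syntax; not taken from the thread.
SAMPLE = """\
# management hosts
sshd : 192.0.2.10, 198.51.100. : allow
sshd, vsftpd : 203.0.113.0/255.255.255.0 \\
               [2001:db8:1::]/48
sshd : .example.org
sshd : 10. EXCEPT 10.9.
in.telnetd : 192.0.2.99
"""

def split_fields(line):
    """Split on ':' but not inside [...], so bracketed IPv6 stays whole."""
    return [f.strip() for f in re.split(r":(?![^\[]*\])", line)]

def to_network(pat):
    """Return an ip_network for a numeric pattern, or None for anything else."""
    if re.fullmatch(r"(\d{1,3}\.){1,3}", pat):       # prefix form, e.g. "198.51.100."
        octets = pat.rstrip(".").split(".")
        pat = ".".join(octets + ["0"] * (4 - len(octets))) + f"/{8 * len(octets)}"
    try:
        return ipaddress.ip_network(pat.replace("[", "").replace("]", ""), strict=False)
    except ValueError:
        return None

def build_rules(text, daemon="sshd", port=22):
    """Return (iptables/ip6tables commands, patterns that were not translated)."""
    rules, skipped = [], []
    for line in re.sub(r"\\\n", " ", text).splitlines():   # join continuation lines
        fields = split_fields(line)
        if (fields[0].startswith("#") or len(fields) < 2
                or daemon not in re.split(r"[\s,]+", fields[0])):
            continue
        clients = [c for c in re.split(r"[\s,]+", fields[1]) if c]
        if "EXCEPT" in clients or "deny" in fields[2:]:
            skipped.append(fields[1])   # an ACCEPT rule would be wider than the entry
            continue
        for pat in clients:
            net = to_network(pat)
            if net is None:             # hostname, ALL, LOCAL, ...: needs a human
                skipped.append(pat)
                continue
            cmd = "iptables" if net.version == 4 else "ip6tables"
            rules.append(f"{cmd} -A INPUT -p tcp --dport {port} -s {net} -j ACCEPT")
    return rules, skipped

if __name__ == "__main__":
    print(*build_rules(SAMPLE)[0], sep="\n")
```

The commands are only printed, so the output can be reviewed before anything is loaded into the firewall.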



