On 12/04/2019 15:47, Mike Bird wrote:
On Fri April 12 2019 03:44:55 Michael Howard via trinity-users wrote:
On 12/04/2019 09:03, deloptes wrote:
If you are target or not - you do not know. I see in the last couple of
months constant brute force attacks on my ssh server
and upgrading will stop that? No. A bit of filtering of known spam IPs
would help much more.
Attackers mount attacks from the new systems they pwn - possibly
including yours.
It is not feasible to block millions of infected IP addresses with
thousands more infected and disinfected every day.
Of course it's possible to block millions, if you have their IPs. It
wouldn't be efficient but then 'millions' are not brute force attacking
my, or your, or deloptes system at any one time. If they were, it would
be pointless anyway. The point is, if you have a regularly updated list
of known spam IPs, which we do, and you use a decent firewall, which I
do, you can prevent a huge amount of brute force attacks by just
dropping the connection.
The reason why my system _isn't_ infected is because I do just that. I
don't rely completely on debian devs to right their own wrongs, nor
should I.
--
Mike Howard
---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx
Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/
Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
