I love IP Tables....

Les Mikesell lesmikesell at gmail.com
Sun May 27 16:14:08 UTC 2007


Tom Rivers wrote:
> On Sat, 2007-05-26 at 13:16 -0700, Wolfgang S. Rupprecht wrote:
>> Such programs help you save the CPU time of sshd answering the
>> connection from a single abusive host, but would do little against a
>> distributed botnet attack.  Luckily botnets aren't really used against
>> sshd yet, but it they were you'd potentially be seeing distributed
>> guessing attacks from 10,000 different hosts.  If they all took turns
>> to guess a single password in round-robin fashion, the filters would
>> never trip.
> 
> You're right.  What do you recommend to protect against this sort of
> attack?
> 

Don't make a lot of enemies???

-- 
   Les Mikesell
    lesmikesell at gmail.com




More information about the fedora-list mailing list