I love IP Tables....
jdow
jdow at earthlink.net
Mon May 28 00:47:14 UTC 2007
From: "Les Mikesell" <lesmikesell at gmail.com>
> Tom Rivers wrote:
>> On Sat, 2007-05-26 at 13:16 -0700, Wolfgang S. Rupprecht wrote:
>>> Such programs help you save the CPU time of sshd answering the
>>> connection from a single abusive host, but would do little against a
>>> distributed botnet attack. Luckily botnets aren't really used against
>>> sshd yet, but it they were you'd potentially be seeing distributed
>>> guessing attacks from 10,000 different hosts. If they all took turns
>>> to guess a single password in round-robin fashion, the filters would
>>> never trip.
>>
>> You're right. What do you recommend to protect against this sort of
>> attack?
>>
>
> Don't make a lot of enemies???
More like, "don't look like a very juicy target."
A tarpit machine with a redirection based on recent might be a really
fun trick if you want some entertainment.
{^_-}
More information about the fedora-list
mailing list