DragonFly users List (threaded) for 2010-03
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: Security process

From:	"Justin C. Sherrill" <justin@xxxxxxxxxxxxxxxxxx>
Date:	Tue, 9 Mar 2010 12:39:42 -0500

On Tue, March 9, 2010 12:16 pm, Walter wrote:

> I don't understand how blocking an IP that has had
> a hundred failed login attempts in the last ten
> minutes could create a DoS hole...

I bet each firewall out there has an accompanying script to do this - it's
a common problem.  There was even something with it for DragonFly:

http://www.shiningsilence.com/dbsdlog/2005/03/04/984.html

Moving ssh to a nonstandard port (to keep your logs clear) and using
keyfiles instead of passwords appears to be the best bet, at this point.

Follow-Ups:
- Re: Security process
  - From: "Steve O'Hara-Smith" <steve@sohara.org>

References:
- Security process
  - From: Walter <walter@spam.no>
- Re: Security process
  - From: Aggelos Economopoulos <aoiko@cc.ece.ntua.gr>
- Re: Security process
  - From: Walter <walter@spam.no>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]