DragonFly users List (threaded) for 2010-03
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: Security process

From:	"Steve O'Hara-Smith" <steve@xxxxxxxxxx>
Date:	Tue, 9 Mar 2010 18:24:31 +0000

On Tue, 9 Mar 2010 12:39:42 -0500
"Justin C. Sherrill" <justin@shiningsilence.com> wrote:

> On Tue, March 9, 2010 12:16 pm, Walter wrote:
> 
> > I don't understand how blocking an IP that has had
> > a hundred failed login attempts in the last ten
> > minutes could create a DoS hole...
> 
> I bet each firewall out there has an accompanying script to do this - it's
> a common problem.  There was even something with it for DragonFly:
> 
> http://www.shiningsilence.com/dbsdlog/2005/03/04/984.html
> 
> Moving ssh to a nonstandard port (to keep your logs clear) and using
> keyfiles instead of passwords appears to be the best bet, at this point.

	Definitely - and for those occasions where you want to be able to
access from places you don't want to put your private keys - opie.

-- 
Steve O'Hara-Smith                          |   Directable Mirror Arrays
C:>WIN                                      | A better way to focus the sun
The computer obeys and wins.                |    licences available see
You lose and Bill collects.                 |    http://www.sohara.org/

References:
- Security process
  - From: Walter <walter@spam.no>
- Re: Security process
  - From: Aggelos Economopoulos <aoiko@cc.ece.ntua.gr>
- Re: Security process
  - From: Walter <walter@spam.no>
- Re: Security process
  - From: "Justin C. Sherrill" <justin@shiningsilence.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]