SSH Brute Force attempts
Jeremy Chadwick
koitsu at FreeBSD.org
Tue Sep 30 09:45:23 UTC 2008
On Tue, Sep 30, 2008 at 09:56:32AM +0200, Jeroen Ruigrok van der Werven wrote:
> -On [20080930 05:14], Rich Healey (healey.rich at gmail.com) wrote:
> >What do you BSD guys use for this purpose?
>
> I actually use blockhosts, which is a Python solution you tie into
> hosts.allow.
>
> http://www.aczoom.com/cms/blockhosts
In no way shape or form does this solve the problem of the attackers
being able to establish a TCP connection to you -- they are still tying
up sockets, mbufs, and extra network I/O (coming from you when you
respond and close the socket).
TCP wrappers are absolutely 100% worthless in this day and age.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-hackers
mailing list