Attacks on ssh port

Zoran Kolic kolicz at EUnet.yu
Sun Sep 19 23:27:26 PDT 2004

Dear all!
There is possibility that someone
makes fake tide of IP addresses,
just to hide his own. If the list
is long enough, that IP could be
even not logged. If the packets
are "syn", IPs you answer don't
exist, you have syn flood and death
of the server. However, only total
idiot would make such kind of attack.
Everybody knows he is trying some-
thing. Suspect "script kid". Little
joke with your server and you have
a lot of job to do.
Just be aware not to open new gate
for another kind of attack. Human is
the wickiest part of chain.
Best regards


More information about the freebsd-security mailing list