SSH Brute Force attempts
Bill Moran
wmoran at collaborativefusion.com
Tue Sep 30 15:50:16 UTC 2008
In response to Oliver Fromme <olli at lurza.secnetix.de>:
> Pierre Riteau wrote:
>
> > Because the 3-way handshake ensures that the source address is not being
> > spoofed, more aggressive action can be taken based on these limits.
>
> s/not being spoofed/more difficult to spoof/ ;-)

On a modern OS (like FreeBSD) where ISNs are random, the possibility of
blindly spoofing an IP during a 3-way handshake is so low as to be
effectively impossible.

Yes, it _can_ be done, but the effort required makes it not an effective
method of attack.

--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
wmoran at collaborativefusion.com
Phone: 412-422-3463x4023