Gentoo Archives: gentoo-security

From: "W.Kenworthy" <billk@×××××××××.au>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] If your interested
Date: Mon, 10 Oct 2005 05:19:16
Message-Id: 1128921148.17076.27.camel@localhost
In Reply to: Re: [gentoo-security] If your interested by Taka John Brunkhorst
1 defence in depth: They know that a system running ssh resides at this
2 address so they can move onto probing for other weaknesses, you have
3 already identified them as probing for a known vulnerability - so why
4 take a chance that the next probe they do will hit on an unpatched,
5 unknown hole? And as far as ssh goes, if they can try one password,
6 they can try more and may get "lucky".
7
8 They have been identified, dont let them keep on trying each door handle
9 or window looking for any left unlocked.
10
11 Lastly, are you absolutely, without qualification sure that you, or
12 another user has not (even accidentally) run an app that is leaving the
13 system vulnerable, that all passwords are 100% secure and unguessable,
14 or that you have patched all known or *unknown* holes ...
15
16 I thought not!
17
18 BillK
19
20 On Mon, 2005-10-10 at 12:55 +0800, Taka John Brunkhorst wrote:
21 > nice but why do we need to block them?
22 > ssh worms? or just lamers?
23 >
24 > --
25 > antiwmac@×××××.com
26 > Taka John Brunkhorst
27 --
28 gentoo-security@g.o mailing list