Gentoo Archives: gentoo-security

From: Brian Micek <bmicek@×××××××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] If your interested
Date: Mon, 10 Oct 2005 05:33:42
Message-Id: 1128921864.25181.52.camel@localhost.localdomain
In Reply to: Re: [gentoo-security] If your interested by Taka John Brunkhorst
On Mon, 2005-10-10 at 12:55 +0800, Taka John Brunkhorst wrote:

> nice but why do we need to block them? > ssh worms? or just lamers?
I can shed light on this: The current Linux thread seems to be minimal and consists of ssh probes followed by brute-force ssh guessing. This is a minor threat however we are currently living in fortunate times. Certain regions in Asia are out of control and ISPs cannot manage their networks. Our concern is not the present but the future when times might not be so pleasant. Everyone remembers the SSH vulnerabilities that had no workaround other than hiding that (sshd) service the best you could. I think we are concerned about the future when there are no workaround for servers we rely on. To be honest, my ISP which is speakeasy is the worst ISP in America from my experience when dealing with hackers. The abuse team at that ISP is terrible, rude and inefficient and they are aware of it (however the quality and technical support of Speakeasy lines has been excellent for me). America as well as any other region in the world has their problems however there are hot spots. There are sketchy reports concerning China encouraging this behavior. Its now a viable solution to reject these packets from your home if your not interested in them. The penalty for doing this is adding about 300 to 1,000 rules to your kernel iptables. I have to admit censorship against a country like China who censors their Internet (on a brilliant level) is anti-moral to me but I'm concerned about my future. Brian
> > -- > antiwmac@×××××.com > Taka John Brunkhorst
Brian Micek

Attachments

File name MIME type
signature.asc application/pgp-signature