Gentoo Archives: gentoo-security

From: Brian Micek <bmicek@×××××××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] If your interested
Date: Mon, 10 Oct 2005 05:33:42
Message-Id: 1128921864.25181.52.camel@localhost.localdomain
In Reply to: Re: [gentoo-security] If your interested by Taka John Brunkhorst
1 On Mon, 2005-10-10 at 12:55 +0800, Taka John Brunkhorst wrote:
2
3 > nice but why do we need to block them?
4 > ssh worms? or just lamers?
5
6 I can shed light on this:
7
8 The current Linux thread seems to be minimal and consists of ssh probes
9 followed by brute-force ssh guessing. This is a minor threat however we
10 are currently living in fortunate times. Certain regions in Asia are
11 out of control and ISPs cannot manage their networks. Our concern is
12 not the present but the future when times might not be so pleasant.
13 Everyone remembers the SSH vulnerabilities that had no workaround other
14 than hiding that (sshd) service the best you could. I think we are
15 concerned about the future when there are no workaround for servers we
16 rely on.
17
18 To be honest, my ISP which is speakeasy is the worst ISP in America from
19 my experience when dealing with hackers. The abuse team at that ISP is
20 terrible, rude and inefficient and they are aware of it (however the
21 quality and technical support of Speakeasy lines has been excellent for
22 me). America as well as any other region in the world has their
23 problems however there are hot spots. There are sketchy reports
24 concerning China encouraging this behavior.
25
26 Its now a viable solution to reject these packets from your home if your
27 not interested in them. The penalty for doing this is adding about 300
28 to 1,000 rules to your kernel iptables. I have to admit censorship
29 against a country like China who censors their Internet (on a brilliant
30 level) is anti-moral to me but I'm concerned about my future.
31
32 Brian
33
34 >
35 > --
36 > antiwmac@×××××.com
37 > Taka John Brunkhorst
38
39
40 Brian Micek

Attachments

File name MIME type
signature.asc application/pgp-signature