Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: "Łukasz C. Jokiel" <Lukasz.Jokiel@...>
Subject: Re: SSH probes
Date: Sun, 06 Nov 2005 13:59:54 +0100
Adam Sroka napisał(a):
> Brian Micek wrote:
> 
>> I don't think you understand what I'm proposing.  I am currently 
>> cat(1)ing /dev/urandom on TCP port 22 in hopes to discourage hackers 
> It's roughly analogous to pointing a loaded shotgun at the door and 
> tying a string to the trigger so that whoever opens the door gets shot. 

Adam, he's not pointing a gun :).

The better analogy would be that he's put a sick dog standing by his door, and 
someone tries to OPEN them not just knock. Kiddie tries few keys and then dog 
starts to barf at him. If that would be a normal ssh client, he'd come clean, 
but since it's a script kiddie - well...

If someone tries to root access via ssh on every IP - that's not knocking, 
that's like checking all my doors.


-- 
  -=[ Lukasz C. Jokiel ]=- | Klonex VCS, Zbozowa 27, 45-837 Opole.
CCNA/CCDA/CCCS; DOCSIS,CMTS,cable modems,ISD; Linux Cable Services
sys&net adm@... | phone: +48774572901*116 | Skype: lcjoker
             -=[ http://lukasz.jokielowie.com/ ]=-
-- 
gentoo-security@g.o mailing list


References:
SSH probes
-- Brian Micek
Re: SSH probes
-- William Yang
Re: SSH probes
-- Brian Micek
Re: SSH probes
-- Adam Sroka
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: SSH probes
Next by thread:
Re: SSH probes
Previous by date:
Re: SSH probes
Next by date:
Snort alert with Squid ?


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.