Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Brian Micek <bmicek@...>
Subject: Re: If your interested
Date: Mon, 10 Oct 2005 01:24:24 -0400
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
  <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
  <META NAME="GENERATOR" CONTENT="GtkHTML/3.3.2">
</HEAD>
<BODY>
<BR>
On Mon, 2005-10-10 at 12:55 +0800, Taka John Brunkhorst wrote:<BR>
<BLOCKQUOTE TYPE=CITE>
    <FONT COLOR="#000000">nice but why do we need to block them?</FONT><BR>
    <FONT COLOR="#000000">ssh worms? or just lamers?</FONT><BR>
</BLOCKQUOTE>
I can shed light on this:<BR>
<BR>
The current Linux thread seems to be minimal and consists of ssh probes followed by brute-force ssh guessing.&nbsp; This is a minor threat however we are currently living in fortunate times.&nbsp; Certain regions in Asia are out of control and ISPs cannot manage their networks.&nbsp; Our concern is not the present but the future when times might not be so pleasant.&nbsp; Everyone remembers the SSH vulnerabilities that had no workaround other than hiding that (sshd) service the best you could.&nbsp; I think we are concerned about the future when there are no workaround for servers we rely on.<BR>
<BR>
To be honest, my ISP which is speakeasy is the worst ISP in America from my experience when dealing with hackers.&nbsp; The abuse team at that ISP is terrible, rude and inefficient and they are aware of it (however the quality and technical support of Speakeasy lines has been excellent for me).&nbsp; America as well as any other region in the world has their problems however there are hot spots.&nbsp; There are sketchy reports concerning China encouraging this behavior.<BR>
<BR>
Its now a viable solution to reject these packets from your home if your not interested in them.&nbsp; The penalty for doing this is adding about 300 to 1,000 rules to your kernel iptables.&nbsp; I have to admit censorship&nbsp; against a country like China who censors their Internet (on a brilliant level) is anti-moral to me but I'm concerned about my future.<BR>
<BR>
Brian<BR>
<BLOCKQUOTE TYPE=CITE>
    <BR>
    <FONT COLOR="#000000">-- </FONT><BR>
    <FONT COLOR="#000000"><A HREF="mailto:antiwmac@...">antiwmac@...</A></FONT><BR>
    <FONT COLOR="#000000">Taka John Brunkhorst</FONT><BR>
</BLOCKQUOTE>
<BR>
Brian Micek
</BODY>
</HTML>
Attachment:
signature.asc (This is a digitally signed message part)
References:
If your interested
-- Brian Micek
Re: If your interested
-- RADDS Support Team
Re: If your interested
-- Craig
Re: If your interested
-- Brian Micek
Re: If your interested
-- Taka John Brunkhorst
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: If your interested
Next by thread:
Re: If your interested
Previous by date:
Re: If your interested
Next by date:
Re: If your interested


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.