Archives
Archives
| From: | Mark <znxster@×××××.com> | ||
|---|---|---|---|
| To: | gentoo-hardened@l.g.o | ||
| Subject: | Re: [gentoo-hardened] Hardening SSHD | ||
| Date: | Tue, 24 Oct 2006 19:40:30 | ||
| Message-Id: | 169ffc030610241237p1a79556do5af0be03bec57045@mail.gmail.com | ||
| In Reply to: | Re: [gentoo-hardened] Hardening SSHD by Andrew Ross |
||
| 1 | On 24/10/06, Andrew Ross <aross@g.o> wrote: |
| 2 | > There is an excellent article at |
| 3 | > http://www.debian-administration.org/articles/187 describing the use of |
| 4 | > the "recent" netfilter module in stopping brute-force ssh attacks at the |
| 5 | > firewall level. |
| 6 | |
| 7 | The negative with this approach is that it affects ALL ssh |
| 8 | connections, including valid ones. If a known user logs in correctly 4 |
| 9 | times in too short a time, they too are banned. |
| 10 | |
| 11 | Mark |
| 12 | -- |
| 13 | gentoo-hardened@g.o mailing list |
| Subject | Author |
|---|---|
| Re: [gentoo-hardened] Hardening SSHD | Daniel Black <dragonheart@g.o> |