From: | Mark <znxster@×××××.com> | ||
---|---|---|---|
To: | gentoo-hardened@l.g.o | ||
Subject: | Re: [gentoo-hardened] Hardening SSHD | ||
Date: | Tue, 24 Oct 2006 19:40:30 | ||
Message-Id: | 169ffc030610241237p1a79556do5af0be03bec57045@mail.gmail.com | ||
In Reply to: | Re: [gentoo-hardened] Hardening SSHD by Andrew Ross |
1 | On 24/10/06, Andrew Ross <aross@g.o> wrote: |
2 | > There is an excellent article at |
3 | > http://www.debian-administration.org/articles/187 describing the use of |
4 | > the "recent" netfilter module in stopping brute-force ssh attacks at the |
5 | > firewall level. |
6 | |
7 | The negative with this approach is that it affects ALL ssh |
8 | connections, including valid ones. If a known user logs in correctly 4 |
9 | times in too short a time, they too are banned. |
10 | |
11 | Mark |
12 | -- |
13 | gentoo-hardened@g.o mailing list |
Subject | Author |
---|---|
Re: [gentoo-hardened] Hardening SSHD | Daniel Black <dragonheart@g.o> |