Gentoo Archives: gentoo-security

From: "W.Kenworthy" <billk@×××××××××.au>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] If your interested
Date: Mon, 10 Oct 2005 05:19:16
Message-Id: 1128921148.17076.27.camel@localhost
In Reply to: Re: [gentoo-security] If your interested by Taka John Brunkhorst
defence in depth: They know that a system running ssh resides at this
address so they can move onto probing for other weaknesses, you have
already identified them as probing for a known vulnerability - so why
take a chance that the next probe they do will hit on an unpatched,
unknown hole?  And as far as ssh goes, if they can try one password,
they can try more and may get "lucky".

They have been identified, dont let them keep on trying each door handle
or window looking for any left unlocked.  

Lastly, are you absolutely, without qualification sure that you, or
another user has not (even accidentally) run an app that is leaving the
system vulnerable, that all passwords are 100% secure and unguessable,
or that you have patched all known or *unknown* holes ...

I thought not!


On Mon, 2005-10-10 at 12:55 +0800, Taka John Brunkhorst wrote:
> nice but why do we need to block them? > ssh worms? or just lamers? > > -- > antiwmac@×××××.com > Taka John Brunkhorst
-- gentoo-security@g.o mailing list