1 |
Hi there |
2 |
|
3 |
2006/10/5, Daniel da Veiga <danieldaveiga@×××××.com>: |
4 |
> |
5 |
> On 10/5/06, José González Gómez <jgonzalez.openinput@×××××.com> wrote: |
6 |
> > Hi there, |
7 |
> > |
8 |
> > I've got a virtual private server hosted somewhere and they're blocking |
9 |
> me |
10 |
> > because their intrusion detection system detects 10 ssh connections in |
11 |
> less |
12 |
> > than 2 minutes from my current IP. My question is: is it possible for an |
13 |
> > intrusion detection system to differentiate between successful and |
14 |
> > unsuccessful ssh connections so they don't block me? Of course all my |
15 |
> > connections are successful. |
16 |
> > |
17 |
> |
18 |
> As Hans-Werner already told you, there are better ways to detect |
19 |
> intrusion, and of course they could implement it in a way successful |
20 |
> connection would not cause the intrusion detect system to block you, |
21 |
> but its a bit more complicated and would involve the whole system, |
22 |
> wich most providers do not want/care to have and if they have, they |
23 |
> charge over it. |
24 |
> |
25 |
> The questions here, if you don't want to argue with your host |
26 |
> provider, would be: |
27 |
> 1) Is there another provider that does not have such limitation? |
28 |
|
29 |
|
30 |
Well, I would really know about this... does anybody know? |
31 |
|
32 |
2) 10 connection in 2 minutes is a good config, why do you have so |
33 |
> many connections in so little time? Is there another way to do |
34 |
> whatever you're trying to do with less connections? |
35 |
|
36 |
|
37 |
Unfortunately I'm not "responsible" for making these connections. I'm using |
38 |
Maven (http://maven.apache.org/) to deploy some files to my server. Maven |
39 |
seems to use a different ssh connection for every operation it does (check |
40 |
for current version deployed, read metadata, copy several files to remote |
41 |
server...). I'll write to the Maven list to ask about this, maybe there is |
42 |
some way to slow down or reuse connections. |
43 |
|
44 |
I've rewrote a complete system just so I would not have to discuss my |
45 |
> ISP security policies. I guess it was faster to change a few hundred |
46 |
> lines of code than to keep calling them on the phone to argue about it |
47 |
> (if I could, I would have changed ISP). |
48 |
> |
49 |
> |
50 |
Well, that's another option. After all Maven is open source, so I could take |
51 |
a look at the code making the connections and try to improve it. |
52 |
|
53 |
Thanks a lot, best regards |
54 |
Jose |