| 1 |
Hi there |
| 2 |
|
| 3 |
2006/10/5, Daniel da Veiga <danieldaveiga@×××××.com>: |
| 4 |
> |
| 5 |
> On 10/5/06, José González Gómez <jgonzalez.openinput@×××××.com> wrote: |
| 6 |
> > Hi there, |
| 7 |
> > |
| 8 |
> > I've got a virtual private server hosted somewhere and they're blocking |
| 9 |
> me |
| 10 |
> > because their intrusion detection system detects 10 ssh connections in |
| 11 |
> less |
| 12 |
> > than 2 minutes from my current IP. My question is: is it possible for an |
| 13 |
> > intrusion detection system to differentiate between successful and |
| 14 |
> > unsuccessful ssh connections so they don't block me? Of course all my |
| 15 |
> > connections are successful. |
| 16 |
> > |
| 17 |
> |
| 18 |
> As Hans-Werner already told you, there are better ways to detect |
| 19 |
> intrusion, and of course they could implement it in a way successful |
| 20 |
> connection would not cause the intrusion detect system to block you, |
| 21 |
> but its a bit more complicated and would involve the whole system, |
| 22 |
> wich most providers do not want/care to have and if they have, they |
| 23 |
> charge over it. |
| 24 |
> |
| 25 |
> The questions here, if you don't want to argue with your host |
| 26 |
> provider, would be: |
| 27 |
> 1) Is there another provider that does not have such limitation? |
| 28 |
|
| 29 |
|
| 30 |
Well, I would really know about this... does anybody know? |
| 31 |
|
| 32 |
2) 10 connection in 2 minutes is a good config, why do you have so |
| 33 |
> many connections in so little time? Is there another way to do |
| 34 |
> whatever you're trying to do with less connections? |
| 35 |
|
| 36 |
|
| 37 |
Unfortunately I'm not "responsible" for making these connections. I'm using |
| 38 |
Maven (http://maven.apache.org/) to deploy some files to my server. Maven |
| 39 |
seems to use a different ssh connection for every operation it does (check |
| 40 |
for current version deployed, read metadata, copy several files to remote |
| 41 |
server...). I'll write to the Maven list to ask about this, maybe there is |
| 42 |
some way to slow down or reuse connections. |
| 43 |
|
| 44 |
I've rewrote a complete system just so I would not have to discuss my |
| 45 |
> ISP security policies. I guess it was faster to change a few hundred |
| 46 |
> lines of code than to keep calling them on the phone to argue about it |
| 47 |
> (if I could, I would have changed ISP). |
| 48 |
> |
| 49 |
> |
| 50 |
Well, that's another option. After all Maven is open source, so I could take |
| 51 |
a look at the code making the connections and try to improve it. |
| 52 |
|
| 53 |
Thanks a lot, best regards |
| 54 |
Jose |
Archives