| 1 |
On Sun, Apr 01, 2007 at 11:49:06AM -0600, darren kirby wrote: |
| 2 |
> I realize there is a sense of satisfaction from using the TARPIT target that |
| 3 |
> is appealing, however you must consider: |
| 4 |
> |
| 5 |
> 1. These ssh bruteforce attacks are almost certainly coming from a zombie |
| 6 |
> botnet, and thus there is no human to realize their connection has |
| 7 |
> been 'stuck'. The zombie will happily freeze for 30 seconds then try again. |
| 8 |
> |
| 9 |
|
| 10 |
I use a -j DROP for my script that lasts for 1 hour. My experience |
| 11 |
from two years ago when I wrote that script was that the Bots stops |
| 12 |
trying after 5 minutes or so. YMMV |
| 13 |
|
| 14 |
W |
| 15 |
-- |
| 16 |
Willie W. Wong wwong@××××××××××××××.edu |
| 17 |
408 Fine Hall, Department of Mathematics, Princeton University, Princeton |
| 18 |
A mathematician's reputation rests on the number of bad proofs he has given. |
| 19 |
-- |
| 20 |
gentoo-user@g.o mailing list |
Archives