1 |
On Sun, Apr 01, 2007 at 11:49:06AM -0600, darren kirby wrote: |
2 |
> I realize there is a sense of satisfaction from using the TARPIT target that |
3 |
> is appealing, however you must consider: |
4 |
> |
5 |
> 1. These ssh bruteforce attacks are almost certainly coming from a zombie |
6 |
> botnet, and thus there is no human to realize their connection has |
7 |
> been 'stuck'. The zombie will happily freeze for 30 seconds then try again. |
8 |
> |
9 |
|
10 |
I use a -j DROP for my script that lasts for 1 hour. My experience |
11 |
from two years ago when I wrote that script was that the Bots stops |
12 |
trying after 5 minutes or so. YMMV |
13 |
|
14 |
W |
15 |
-- |
16 |
Willie W. Wong wwong@××××××××××××××.edu |
17 |
408 Fine Hall, Department of Mathematics, Princeton University, Princeton |
18 |
A mathematician's reputation rests on the number of bad proofs he has given. |
19 |
-- |
20 |
gentoo-user@g.o mailing list |