Gentoo Archives: gentoo-user

From: "Dmitry S. Makovey" <dmitry@××××××××××.ca>
To: gentoo-user@l.g.o
Cc: Christian Franke <cfchris6@×××××.de>
Subject: Re: [gentoo-user] Curious pattern in log files from ssh...
Date: Thu, 04 Dec 2008 20:27:10
Message-Id: 200812041322.54849.dmitry@athabascau.ca
In Reply to: Re: [gentoo-user] Curious pattern in log files from ssh... by Christian Franke
1 On December 4, 2008, Christian Franke wrote:
2 > I just don't see what blocking ssh-bruteforce attempts should be good
3 > for, at least on a server where few _users_ are active.
4
5 Considering how much creative paranoia I've exposed in this thread it might
6 come as a surprise, but I do agree with the above statement. Strong passwords
7 (or key-only authentication) would prevent brute-force attacks from being
8 successfull. The only thing that is semi-usefull side-effect is that you can
9 identify compromised machines and deny ANY type of traffic from them
10 preventing possible DoS launched against you. But then IPs are so easy to
11 spoof :) Balance is what makes sysadmin comfortable enough and doesn't
12 compromise usability of the server, so everybody decides for themselves. OP
13 obviously wants that "extra" layer of protection and notification so with a
14 bit of creativity and some external tools it's possible to achieve. As long
15 as he doesn't forget about other aspects of security - he should do just fine
16 with all those extra measures :)
17
18 --
19 Dmitry Makovey
20 Web Systems Administrator
21 Athabasca University
22 (780) 675-6245

Attachments

File name MIME type
signature.asc application/pgp-signature