Mailinglist Archive: opensuse-security (138 mails)
| < Previous | Next > |
Re: SPAM: Re: [suse-security] Openssh + security
- From: John Summerfield <suse@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 13 Dec 2005 22:18:45 +0800
- Message-id: <439ED845.7050502@xxxxxxxxxxxxxxxxxxxxxx>
Carlos E. R. wrote:
>
> The Sunday 2005-12-11 at 15:46 -0800, Scott Leighton wrote:
>
>>> Yes, the script kiddies are a nuisance. I use login_sentry to send
>>> them on their way (it adds their IP address to hosts.deny).
>
> That list could grow very large. Also, if those attacks come from dynamic
> ips, you could have a deny line for an IP that has changed owner, and now
> is an honest person, while the attacker is using a new one you do not have
> listed yet.
>
> I think I read in passing somewhere about an iptables rule to deny
> temporarily access to a certain IP; the rule is temporary and disappears
> after some time, freeing resources.
>
> But I don't know what is it.
>
I'd be fairly happy blocking a class C network from "by arrangement"
services, but then I work with places with tens of employees:
>
> The Sunday 2005-12-11 at 15:46 -0800, Scott Leighton wrote:
>
>>> Yes, the script kiddies are a nuisance. I use login_sentry to send
>>> them on their way (it adds their IP address to hosts.deny).
>
> That list could grow very large. Also, if those attacks come from dynamic
> ips, you could have a deny line for an IP that has changed owner, and now
> is an honest person, while the attacker is using a new one you do not have
> listed yet.
>
> I think I read in passing somewhere about an iptables rule to deny
> temporarily access to a certain IP; the rule is temporary and disappears
> after some time, freeing resources.
>
> But I don't know what is it.
>
I'd be fairly happy blocking a class C network from "by arrangement"
services, but then I work with places with tens of employees:
| < Previous | Next > |