A more amusing alternative is to move SSH to another port, and put the LaBrea tarpit on port 22 and any other commonly attacked ports (firewall module). Amusing but probably a bit irresponsible towards people who get to that port on your machine by accident.
-----Original Message----- From: Jaime Santos [mailto:jesantos@alexandre-santos.com] Sent: Monday, December 12, 2005 5:17 PM To: suse-security@suse.com Subject: Re: [suse-security] Openssh + security
Hi Bruno,
That is correct, portsentry which drops any address from which a portscan is attempted into the hosts to be denied by the firewall, was, I believe, discontinued. This checked for portscans on all ports, not just port 22.
I would also be interested to know if there is an updated alternative tool.
Thanks. Best, Jaime.