Everybody is wrong and Per Jessen is right. End of discussion.
*sigh*
On Sun, Mar 30, 2008 at 2:53 PM, Per Jessen
Marcus Meissner wrote:
I would like to suggest that rate limiting like the above be added to SuSEfirewall2 though and enabled by default with home-user / desktop-suitable limits. On all services which are liable to a bruteforce attack.
ratelimiting can be set in SUSEfirewall2.
Default enabling it ... well, again triggers problems, because people might be fall into this trap due to legit use.
So which is best -
default rate-limits against brute force attacks on an open sshd which could just conceivably cause a problem for someone who cannot remember his/her password.
sshd disabled by default, preventing anyone access, regardless of whether they can remember their password or not.
And all of this only takes effect when the firewall has been shutdown anyway.
Purely my opinion - trying to protect people who have shut down the firewall even when exposed to an insecure environment is pointless.
I am all for giving newbies a "safer ride", but to achieve that, we need a "Windows-mode" tick-box during installation. With a more palatable text of course.
/Per Jessen, Zürich
--------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
--------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org