Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
Re: [suse-security] Re: Automatically blacklist IP after multiple SSH login failures
  • From: Bastian Friedrich <bastian@xxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 9 Aug 2002 01:02:49 +0200
  • Message-id: <200208090102.55416.bastian@xxxxxxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Am Donnerstag, 8. August 2002 22:01 schrieb Jeff Stewart:
> That's a good idea, but I want to be able to shell in from public
> computers. Maybe instead of blocking the IP address, I should block
> the username from logging in after a certain number of tries.

This idea is even worse, as it leads to an easy DoS: If I know your box'
IP, I simply connect a couple of times with your login - and
afterwards, you're no longer able to connect.

Bastian

- --
Bastian Friedrich bastian@xxxxxxxxxxxxxxxxxxxx
Adress & Fon available on my HP http://www.bastian-friedrich.de/
\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\
\ Fachbegriffe der Informatik - 117: "Las Vegas"
\ Mekka fuer experimentelle Statistik
\ Jens Hoffmann
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9Uvielbo7EtEt1mYRAh0kAJ4qI7i6UoJKdwNi0Wl5IAv7YWejPACfY2QI
DaS0kPkqLisMO4NihSIEfWU=
=GpPO
-----END PGP SIGNATURE-----


< Previous Next >
Follow Ups
References