Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: SPAM: Re: [suse-security] Openssh + security
  • From: John Summerfield <suse@xxxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 13 Dec 2005 22:18:45 +0800
  • Message-id: <439ED845.7050502@xxxxxxxxxxxxxxxxxxxxxx>
Carlos E. R. wrote:
>
> The Sunday 2005-12-11 at 15:46 -0800, Scott Leighton wrote:
>
>>> Yes, the script kiddies are a nuisance. I use login_sentry to send
>>> them on their way (it adds their IP address to hosts.deny).
>
> That list could grow very large. Also, if those attacks come from dynamic
> ips, you could have a deny line for an IP that has changed owner, and now
> is an honest person, while the attacker is using a new one you do not have
> listed yet.
>
> I think I read in passing somewhere about an iptables rule to deny
> temporarily access to a certain IP; the rule is temporary and disappears
> after some time, freeing resources.
>
> But I don't know what is it.
>

I'd be fairly happy blocking a class C network from "by arrangement"
services, but then I work with places with tens of employees:

< Previous Next >
Follow Ups