Security process
Justin C. Sherrill
justin at shiningsilence.com
Tue Mar 9 09:41:26 PST 2010
On Tue, March 9, 2010 12:16 pm, Walter wrote:
> I don't understand how blocking an IP that has had
> a hundred failed login attempts in the last ten
> minutes could create a DoS hole...
I bet each firewall out there has an accompanying script to do this - it's
a common problem. There was even something with it for DragonFly:
http://www.shiningsilence.com/dbsdlog/2005/03/04/984.html
Moving ssh to a nonstandard port (to keep your logs clear) and using
keyfiles instead of passwords appears to be the best bet, at this point.
More information about the Users
mailing list