[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security....

On Wed, 2004-10-27 at 11:09, Andrey Andreev wrote:
> Scot L. Harris wrote:
> > On Wed, 2004-10-27 at 06:54, Jim Higson wrote:
> > 
> >>>Good points James...you missed one though... port 22. I see more attempts
> > Brute force login attempts against ssh can work if given enough time
> How about setting portsentry to block IPs (temporarily) after 10 or so 
> attempts? Can it do that (I kind of think so)?

So you slow down the brute force attack.  If you block it permanently
you set your self up to a DOS attack, just hit the system multiple times
using spoofed addresses until you have blocked a significant range of
addresses, or at least critical ones (such as DNS servers).  

Given enough time brute force attempts will work.  Period.
Scot L. Harris
webid cfl rr com

While you're chewing, think of STEVEN SPIELBERG'S bank account ...  his
will have the same effect as two "STARCH BLOCKERS"! 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]