[CentOS] Defending againts simultanious attacks
Walt Reed
wreed at vinq.com
Thu Feb 15 21:15:40 UTC 2007
There is for ssh.
Denyhosts has a syncronization mode where you can share info back to the
community.
http://denyhosts.sourceforge.net/
See the faq for sync mode.
On Thu, Feb 15, 2007 at 11:27:05AM -0500, Drew Weaver said:
> I find it kind of odd that noone has come up with a 'RBL' for bots...
>
> ISPs could easily receive routes via BGP from "some trusted source" that
> has NULL routes for all of the 'infected' hosts which are attacking
> people..
>
> A few dozen honeypots and you would quickly have a large list of
> infected hosts in which to ignore entirely.
>
> -Drew
>
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of chrism at imntv.com
> Sent: Thursday, February 15, 2007 11:10 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] Defending againts simultanious attacks
>
> John R Pierce wrote:
> > chrism at imntv.com wrote:
> >> That doesn't really have much affect anymore. The bad people are now
>
> >> scanning high ports looking for any sshd (or other service) that's
> >> listening.
> >>
> >
> >
> > they aren't "people", they are virus/worms... blindly poking at ports
> > and trying the same lame list of passwords.
> >
> > you can't make them stop, unless you control the entire world... just
> > ignore the noise.
>
>
> I think everyone on the list is aware of the automated nature of the
> attacks. And I *do* ignore the noise.
>
> Cheers,
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
--
Walt Reed
wreed at vinq.com
Office: 207-753-7333
Cell: 207-577-0699
http://www.vinq.com
More information about the CentOS
mailing list