[CentOS] Is there an openssh security problem?
Karanbir Singh
mail-lists at karan.org
Fri Jul 10 14:25:41 UTC 2009
On 07/10/2009 02:59 PM, Rainer Duffner wrote:
> Brute-forcing has long-since started to go distributed, fooling fail2ban
> and similar scripts with just 3 or 4 checks per single source-host.
I've never been a big fan of either denyhosts or fail2ban, both of them
are just making it easier for someone else to ddos you, and achieve
little in terms of the real problem, as you said here the brute forcing
has gone into the spam-botnets a long time back.
as an example : one of my machines got ssh attempts from > 3500
different ip's in under an hour a few weeks back.
pam_shield and similar solutions offer a slightly gentler way to
implement similar stuff, but iptables and perhaps a creative netlables
solution to lock in what you need and how you need it, is a far better
solution.
- KB
More information about the CentOS
mailing list