[CentOS] ssh attack
John Hinton
webmaster at ew3d.com
Thu Feb 16 20:18:41 UTC 2006
Jim Smith wrote:
> Without sounding rude, this item features quite regularly and it
> would be faster to search. For example this was on the Nahant list
> recently (some of the Redhat's devs views particularly on denyhosts
> is amazing.), is a sticky in the gentoo forums, features in fedora
> forum and Linux Questions etc.
>
Jim,
I know what you're saying.. but...
Let me predicate this with my goal of working within the CentOS
distribution almost exclusively. My main use is internet server systems.
Setting up and maintaining servers is already getting very complex...
not to mention needing to keep up potential security issues for those
'other' programs/packages. I admit.. I'm anal about this.
When I 'search', particularly on very common things, the relevance of
the returns is worse than horrid. I've spent hours, many times without
ever producing the particular search string to get to potential answers.
Also, when on this list, I know the information is most of the time
pertinent to CentOS and its base package set... not leading off into a
wild goosechase, leading to compiling, blah blah blah.. adding
non-standard packages and getting to an end that many times doesn't fit
after many hours have passed. Dependency hell can be enough at times....
I'm sure most of you know the drill. Searches just many times don't
produce for me.
From another recent thread... simple FTP! How common is that? But yet
somehow I had missed the ip_conntrack_ftp 'key', which solved my issues
with passive ftp. I didn't make a post, but the thread was fantastic.
And on it goes with this list. Yes, sometimes it's something I already
know.. might interject a bit here and there.. many times it's about
something I'll never need.
But I vote to keep the common stuff going... If nothing else it provides
alternatives.. and based on who is suggesting what, as I've come to know
what to pay close attention to.. and what to totally discount (just
kidding ;) ). This list is sort of like my CentOS Daily (minute-ly)
Newspaper. Some articles I read, some I don't. My overall knowledge has
grown.
Thanks to all. And Jim, I'm not meaning to pick on you here either, but
these ssh dictionary attacks have been bothersome to me and the
'alternative' solution's', has made this latest thread interesting for
me. But yeah, I could say the same thing as above with regards to other
threads..... but those are likely helping many others............ Lets
see, on my motorcycle lists... it's the oil thread, the tire thread,
blah blah blah... As someone did suggest though, a FAQ on SSH would be a
good idea.
Best Regards,
John Hinton
More information about the CentOS
mailing list