[CentOS] ssh attack

Thu Feb 16 20:18:41 UTC 2006
John Hinton <webmaster at ew3d.com>

Jim Smith wrote:
> Without sounding rude, this item features quite regularly and it
> would be faster to search. For example this was on the Nahant list
> recently (some of the Redhat's devs views particularly on denyhosts
> is amazing.), is a sticky in the gentoo forums, features in fedora
> forum and Linux Questions etc.

I know what you're saying.. but...

Let me predicate this with my goal of working within the CentOS 
distribution almost exclusively. My main use is internet server systems. 
Setting up and maintaining servers is already getting very complex... 
not to mention needing to keep up potential security issues for those 
'other' programs/packages. I admit.. I'm anal about this.

When I 'search', particularly on very common things, the relevance of 
the returns is worse than horrid. I've spent hours, many times without 
ever producing the particular search string to get to potential answers. 
Also, when on this list, I know the information is most of the time 
pertinent to CentOS and its base package set... not leading off into a 
wild goosechase, leading to compiling, blah blah blah.. adding 
non-standard packages and getting to an end that many times doesn't fit 
after many hours have passed. Dependency hell can be enough at times.... 
I'm sure most of you know the drill. Searches just many times don't 
produce for me.

 From another recent thread... simple FTP! How common is that? But yet 
somehow I had missed the ip_conntrack_ftp 'key', which solved my issues 
with passive ftp. I didn't make a post, but the thread was fantastic. 
And on it goes with this list. Yes, sometimes it's something I already 
know.. might interject a bit here and there.. many times it's about 
something I'll never need.

But I vote to keep the common stuff going... If nothing else it provides 
alternatives.. and based on who is suggesting what, as I've come to know 
what to pay close attention to.. and what to totally discount (just 
kidding ;) ). This list is sort of like my CentOS Daily (minute-ly) 
Newspaper. Some articles I read, some I don't. My overall knowledge has 

Thanks to all. And Jim, I'm not meaning to pick on you here either, but 
these ssh dictionary attacks have been bothersome to me and the 
'alternative' solution's', has made this latest thread interesting for 
me. But yeah, I could say the same thing as above with regards to other 
threads..... but those are likely helping many others............ Lets 
see, on my motorcycle lists... it's the oil thread, the tire thread, 
blah blah blah... As someone did suggest though, a FAQ on SSH would be a 
good idea.

Best Regards,
John Hinton