[CentOS] Is there an openssh security problem?
Rainer Duffner
rainer at ultra-secure.de
Fri Jul 10 13:59:29 UTC 2009
Rob Kampen schrieb:
> Not really protection - rather a deterrent - it just makes it slower
> for the script kiddies that try brute force attacks - they have to
> pace themselves to one try per minute rather than one or two per
> second. Thus they normally move on to an easier target.
> You can also use iptables to allow say four attempts from an IP and
> then block for 5 or more minutes - this is what I use.
Not really, either ;-)
Brute-forcing has long-since started to go distributed, fooling fail2ban
and similar scripts with just 3 or 4 checks per single source-host.
The bad guys do cloud-computing, too....
Rainer
More information about the CentOS
mailing list