[CentOS] Is there an openssh security problem?

Fri Jul 10 14:25:41 UTC 2009
Karanbir Singh <mail-lists at karan.org>

On 07/10/2009 02:59 PM, Rainer Duffner wrote:
> Brute-forcing has long-since started to go distributed, fooling fail2ban
> and similar scripts with  just 3 or 4 checks per single source-host.

I've never been a big fan of either denyhosts or fail2ban, both of them 
are just making it easier for someone else to ddos you, and achieve 
little in terms of the real problem, as you said here the brute forcing 
has gone into the spam-botnets a long time back.

as an example : one of my machines got ssh attempts from > 3500 
different ip's in under an hour a few weeks back.

pam_shield and similar solutions offer a slightly gentler way to 
implement similar stuff, but iptables and perhaps a creative netlables 
solution to lock in what you need and how you need it, is a far better 
solution.

- KB