[CentOS] what percent of time are there unpatched exploits against default config?

Fri Dec 30 15:35:30 UTC 2011
Lamar Owen <lowen at pari.edu>

On Thursday, December 29, 2011 12:33:41 PM Ljubomir Ljubojevic wrote:
> If you use denyhosts or fail2ban, attacker needs 10,000 attack PC's that 
> never attacked any denyhosts or fail2ban server in recent time.

That would be a very small botnet.

And with gamers out there with CUDA-capable GPU's getting botted......

The scale of the botnets doing brute-forcing (among other nefariousness) should never be underestimated.  In addition to fail2ban, simple user-based login timeouts and lockouts can be used that survive botnet brute-forcing, but are DoS sitting ducks because of it.

Security is a hard problem.  There is no magic bullet.

Recent news should show that....