DragonFly BSD
DragonFly users List (threaded) for 2010-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Security process


From: "Justin C. Sherrill" <justin@xxxxxxxxxxxxxxxxxx>
Date: Tue, 9 Mar 2010 12:39:42 -0500

On Tue, March 9, 2010 12:16 pm, Walter wrote:

> I don't understand how blocking an IP that has had
> a hundred failed login attempts in the last ten
> minutes could create a DoS hole...

I bet each firewall out there has an accompanying script to do this - it's
a common problem.  There was even something with it for DragonFly:

http://www.shiningsilence.com/dbsdlog/2005/03/04/984.html

Moving ssh to a nonstandard port (to keep your logs clear) and using
keyfiles instead of passwords appears to be the best bet, at this point.




[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]