abuse@ and postmaster@ in the modern world?
dwilson at unixdaemon.net
Fri Nov 17 17:36:00 GMT 2006
On Fri, Nov 17, 2006 at 05:23:24PM +0000, Alex Knowles wrote:
> is it very naive of me to assume that turning off passwords and only
> allowing key based auth is a valid way of dealing with people attempting
> to brute force their way in?
It'll stop them getting in by brute forcing but it doesn't stop the logs
from filling up with failed attempts.
I'm curious as to how many people audit the successful ssh logins
as well as the failed ones. Not many people I've spoken to do and
to be honest if I can know about one of the two I'd like to know
who did get in...
Something else worth noting is that the next ssh exploit based worm/zero
day scanner won't be slowed down by these blocking scripts. They only
protect against brute force attacks. Which is fine, as long as the
limitation is known.
Dean Wilson http://www.unixdaemon.net
Profanity is the one language all programmers understand
More information about the london.pm