[LAD] [ot] - NEED some security advise PLEASE!
fbar at footils.org
Sun Feb 15 10:39:09 UTC 2009
Arnold Krille hat gesagt: // Arnold Krille wrote:
> I have a script that filters the log-files for "invalid user", extracts the IP
> and adds it to the RECENT table (which is used for blocking for five minutes).
> But some of these attackers have botnets which means a lot of IP's to be
> blocked before they finished their username-list...
Basically that's what denyhost does, and it also has additional features
like a realtime bla/ocklist, which also blocks distributed
attacks that are not affected by blocking single IPs because one
attacker there is able to use a new IP for each attempt. OTOH botnets
usually are interested in servers with more valuable data than most of
> From my experience using key-logins only helps when you have only linux users.
> Most windows people don't really understand the concepts of security, public
> keys and such.
True, but for home-machines of Linux Audio freaks, usually nobody from a
Windows machine needs to log in anyway. ;) And if it's a public server,
I'd rather not have anybody logging in through ssh who is not capable of
dealing with key logins. I disabled password logins through ssh on
my public machines.
More information about the Linux-audio-dev