SSH hank attempts bad?
sjansen at buscaluz.org
Wed Apr 12 11:04:27 MDT 2006
On Wed, 2006-04-12 at 10:46 -0600, Chris Carey wrote:
> On 4/12/06, Chris Carey <chris.carey at gmail.com> wrote:
> > I agree wholeheartedly. What I meant is that it's futile to block
> > individual IPs. For every one you block, two more will appear. For an
> > Internet connected device, one should put a policy for security in
> > place that covers all IPs.
> > Chris Carey
> I want to make sure my comment is not taken out of context. The way
> you snipped it makes it appear as if I was making a blanket "forget
> about it" approach to security in general. It was in response to
> setting up blacklists for IPs attempting to connect to the SSH port.
> Chris Carey
First: Trim your responses! I don't care if you're using gmail, many of
us aren't and we resent having to scroll forever to get to your
response. Show a little consideration.
Second: Temporarily blacklisting IPs that are making repeated attempts
is not futile. It conserves system resources because you can skip
creation of a connection, generation of a key, authentication, etc. That
said, I would periodically expire entries to keep the rule size from
getting too big.
Third: I have no idea who you're responding to, you seem to be
responding to yourself. You accuse yourself of unfair snipping, yet you
didn't snip anything... I know you don't like the way the meds make you
feel, but they're for your own good. Really.
Stuart Jansen e-mail/jabber: sjansen at buscaluz.org
google talk: stuart.jansen at gmail.com
"However beautiful the strategy, you should occasionally look at
the results." -- Winston Churchill
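
Added example, not part of the original message or of any tool named in the thread: a sketch of the temporary blacklist with periodic expiry described in the second point above, replayed over constructed sshd log lines. The class name, the thresholds (3 failures in 60 seconds, 10 minute block) and the sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd log lines (documentation-range IPs), not from the thread.
SAMPLE_LOG = """\
Apr 12 11:00:01 host sshd[4101]: Failed password for root from 203.0.113.7 port 40001 ssh2
Apr 12 11:00:03 host sshd[4102]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
Apr 12 11:00:04 host sshd[4103]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Apr 12 11:00:05 host sshd[4104]: Failed password for root from 203.0.113.7 port 40003 ssh2
Apr 12 11:00:09 host sshd[4105]: Accepted password for alice from 198.51.100.20 port 51001 ssh2
"""
FAILED = re.compile(r"^(\w{3} [ \d]\d \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

class TempBlocklist:
    """Block an IP after repeated failures, then let the entry expire."""
    def __init__(self, max_failures=3, window=timedelta(seconds=60),
                 ttl=timedelta(minutes=10)):  # thresholds are assumptions
        self.max_failures, self.window, self.ttl = max_failures, window, ttl
        self.failures = defaultdict(deque)  # ip -> recent failure times
        self.blocked = {}                   # ip -> time the block expires

    def expire(self, now):
        # Periodic expiry keeps the rule set from growing without bound.
        for ip in [ip for ip, until in self.blocked.items() if until <= now]:
            del self.blocked[ip]

    def is_blocked(self, ip, now):
        self.expire(now)
        return ip in self.blocked

    def record_failure(self, ip, now):
        """Return True if this failure causes a new block."""
        if self.is_blocked(ip, now):
            return False
        recent = self.failures[ip]
        recent.append(now)
        while now - recent[0] > self.window:  # drop failures outside the window
            recent.popleft()
        if len(recent) < self.max_failures:
            return False
        self.blocked[ip] = now + self.ttl
        del self.failures[ip]
        return True

def replay(log_text, year=2006):
    """Feed log lines through the blocklist; return it and the block events."""
    bl, events = TempBlocklist(), []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:  # syslog timestamps carry no year, so one is supplied
            when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            if bl.record_failure(m.group(2), when):
                events.append((m.group(2), when))
    return bl, events
```

In a real deployment the block and expiry steps would add and remove firewall rules; here they only update an in-memory table.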