Re: [LAD] [ot] - NEED some security advise PLEASE!

From: Frank Barknecht <fbar@email-addr-hidden>
Date: Sun Feb 15 2009 - 12:39:09 EET

Hallo,
Arnold Krille hat gesagt: // Arnold Krille wrote:

> I have a script that filters the log-files for "invalid user", extracts the IP
> and adds it to the RECENT table (which is used for blocking for five minutes).
> But some of these attackers have botnets which means a lot of IP's to be
> blocked before they finished their username-list...

Basically that's what denyhost does, and it also has additional features
like a realtime bla/ocklist, which also blocks distributed
attacks that are not affected by blocking single IPs because one
attacker there is able to use a new IP for each attempt. OTOH botnets
usually are interested in servers with more valuable data than most of
us have.

> From my experience using key-logins only helps when you have only linux users.
> Most windows people don't really understand the concepts of security, public
> keys and such.

True, but for home-machines of Linux Audio freaks, usually nobody from a
Windows machine needs to log in anyway. ;) And if it's a public server,
I'd rather not have anybody logging in through ssh who is not capable of
dealing with key logins. I disabled password logins through ssh on
my public machines.

Ciao

-- 
 Frank
_______________________________________________
Linux-audio-dev mailing list
Linux-audio-dev@email-addr-hidden
http://lists.linuxaudio.org/mailman/listinfo/linux-audio-dev
Received on Sun Feb 15 16:15:03 2009

This archive was generated by hypermail 2.1.8 : Sun Feb 15 2009 - 16:15:03 EET