Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Host Blocking and Logfile Parsing
- Date: Sat, 20 Jan 2007 22:35:08 +0900
- From: scott <scott@example.com>
- Subject: Re: [tlug] Host Blocking and Logfile Parsing
- References: <Pine.NEB.4.64.0701201053020.1314@example.com>
On Sat, 2007-01-20 at 11:12 +0900, Curt Sampson wrote: > I myself don't see the security advantage of blocking IPs based on the > ssh attacks; turn off password authentication and no password attack > will ever succeed anyway. Sure, but last time I was hacked it was remote php inclusion not brute force ssh attempts, so my thinking is drop all traffic from *all* suspicious machines. I agree that not allowing password authentication for ssh is a good idea, but I also think blacklisting the bad guys seems like a proactive measure as well. Now I just gotta compile a new kernel that supports ipsets... Cheers, Scott VanDusen Tokyo
- Follow-Ups:
- Re: [tlug] Host Blocking and Logfile Parsing
- From: Curt Sampson
- Re: [tlug] Host Blocking and Logfile Parsing
- References:
- [tlug] Host Blocking and Logfile Parsing
- From: Curt Sampson
- [tlug] Host Blocking and Logfile Parsing
- Prev by Date: Re: [tlug] Tech meeting videos
- Next by Date: Re: [tlug] Host Blocking and Logfile Parsing
- Previous by thread: [tlug] Host Blocking and Logfile Parsing
- Next by thread: Re: [tlug] Host Blocking and Logfile Parsing
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |