if this server was used by 100+ people i would of course not have such a
harsh security script set up. everyone who uses it has great experience
and understands the consequences. like i said before, this is usually
for personal use and has about 12 users total. if this was used to
manage ssh on something big i would lower the security measures.
hope you can understand some now :)
Ben
[EMAIL PROTECTED] wrote:
-if the attempt was with a username that doesnt exist - i add the ip to
a db of banned ips and flush and restart ipfw
I'm curious about this bit - what do you do about accidentally mistyped
usernames by valid users?
cheers,
-- Joel Hatton --
Security Analyst | Hotline: +61 7 3365 4417
AusCERT - Australia's national CERT | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: [EMAIL PROTECTED]
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"