On 2006 Sep 19 , at 17:25, Nicolas Blais wrote:
On Tuesday 19 September 2006 17:12, Joao Barros wrote:
On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
Hey all,
I've looked around and found several linux-centric things designed to
block brute-force SSH attempts. Anyone out t
--- "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
wrote:
> On Tue, 19 Sep 2006, backyard wrote:
>
> > In reality using passwords with SSH kinda defeats
> the
> > purpose of SSH.
>
> Keeping passwords from being sent across the network
> as cleartext?
>
> -Dan
ssh will encrypt them of cours
On Wed, 20 Sep 2006, Erik Norgaard wrote:
Dan Mahoney, System Admin wrote:
On Tue, 19 Sep 2006, Erik Norgaard wrote:
Along with some good advice. First of all: ssh is not a public service
like http or smtp where you need anyone to be able to connect. So don't
let them in the first place.
I
Elijah Savage wrote:
Joao Barros wrote:
I'm using BruteForceBlocker quite successfully.
I take the opportunity to thank danger for it :-)
http://www.freshports.org/security/bruteforceblocker/
I use /usr/ports/security/denyhost
It was very easy to install and setup the config file is commente
Elijah Savage wrote:
another vote for denyhost. it works well and stops the attacks. Even tho
i use keys and not passwords, i still use it.
just a DITTO great piece of soft!
--
Pietro Cerutti
ICQ: 117293691
PGP: 0x9571F78E
- ASCII Ribbon Campaign -
against HTML e-mail and
proprietary attac
Elijah Savage wrote:
> Joao Barros wrote:
>> On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
>>> Hey all,
>>>
>>> I've looked around and found several linux-centric things designed to
>>> block brute-force SSH attempts. Anyone out there know of something a
>>> bit
>>> more BSD sav
Joao Barros wrote:
On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
Hey all,
I've looked around and found several linux-centric things designed to
block brute-force SSH attempts. Anyone out there know of something a
bit
more BSD savvy?
My best attempt will be to get this:
h
Hello Joao,
Tuesday, September 19, 2006, 11:12:37 PM, you wrote:
> On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
>> Hey all,
>>
>> I've looked around and found several linux-centric things designed to
>> block brute-force SSH attempts. Anyone out there know of something a bit
Dan Mahoney, System Admin wrote:
On Tue, 19 Sep 2006, Erik Norgaard wrote:
Along with some good advice. First of all: ssh is not a public service
like http or smtp where you need anyone to be able to connect. So
don't let them in the first place.
It is in this case. It's a web server that a
Peter N. M. Hansteen wrote:
> "Dan Mahoney, System Admin" <[EMAIL PROTECTED]> writes:
>
>> I've found a few things based on openBSD's pf, but that doesn't seem to be
>> the default in BSD either.
>
> Recent BSDs (all of them, FreeBSD 5.n/6.n included) have PF in the base
> system.
> 'overload'
"Dan Mahoney, System Admin" <[EMAIL PROTECTED]> writes:
> I've found a few things based on openBSD's pf, but that doesn't seem to be
> the default in BSD either.
Recent BSDs (all of them, FreeBSD 5.n/6.n included) have PF in the base system.
'overload' rules are fairly easy to set up, eg
table
On Sep 19, 2006, at 3:38 PM, Darrin Chandler wrote:
I think this isn't needed, and is somewhat silly. Like all (decent)
implementations of pubkey, the key is only used to authenticate and
exchange a symetric session key. So the pubkey sees little actual use,
compared with the session key.
Anyone
On Tue, Sep 19, 2006 at 02:22:41PM -0700, backyard wrote:
>
> well you could pretty much eliminate the problem by
> disabling password logins to sshd and only accepting
> keyed logins. Then only a key will work.
This is probably the best thing you can do to keep the bad guys out.
This is what I'm
On Tue, 19 Sep 2006, backyard wrote:
In reality using passwords with SSH kinda defeats the
purpose of SSH.
Keeping passwords from being sent across the network as cleartext?
-Dan
--
"Of course she's gonna be upset! You're dealing with a woman here Dan,
what the hell's wrong with you?"
-S.
On Tue, 19 Sep 2006, Erik Norgaard wrote:
Along with some good advice. First of all: ssh is not a public service like
http or smtp where you need anyone to be able to connect. So don't let them
in the first place.
It is in this case. It's a web server that allows shell usage (and
encourages
I've looked around and found several linux-centric things designed
to
block brute-force SSH attempts. Anyone out there know of
something a bit
more BSD savvy?
I've found a few things based on openBSD's pf, but that doesn't
seem to be
the default in BSD either.
Any response appreciated.
Dan Mahoney, System Admin wrote:
Hey all,
I've looked around and found several linux-centric things designed to
block brute-force SSH attempts. Anyone out there know of something a bit
more BSD savvy?
My best attempt will be to get this:
http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.h
I've looked around and found several linux-centric things designed
to block brute-force SSH attempts. Anyone out there know of
something a bit more BSD savvy?
I'm a fan of security/sshit
My best attempt will be to get this:
http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.html
runni
On Tuesday 19 September 2006 17:12, Joao Barros wrote:
> On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
> > Hey all,
> >
> > I've looked around and found several linux-centric things designed to
> > block brute-force SSH attempts. Anyone out there know of something a bit
> > more
"Joao Barros" <[EMAIL PROTECTED]> writes:
> On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
>> Hey all,
>>
>> I've looked around and found several linux-centric things designed to
>> block brute-force SSH attempts. Anyone out there know of something a bit
>> more BSD savvy?
>>
>>
--- "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
wrote:
> Hey all,
>
> I've looked around and found several linux-centric
> things designed to
> block brute-force SSH attempts. Anyone out there
> know of something a bit
> more BSD savvy?
>
> My best attempt will be to get this:
>
>
http
On 9/19/06, Dan Mahoney, System Admin <[EMAIL PROTECTED]> wrote:
Hey all,
I've looked around and found several linux-centric things designed to
block brute-force SSH attempts. Anyone out there know of something a bit
more BSD savvy?
My best attempt will be to get this:
http://www.csc.liv.ac.u
Hey all,
I've looked around and found several linux-centric things designed to
block brute-force SSH attempts. Anyone out there know of something a bit
more BSD savvy?
My best attempt will be to get this:
http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.html
running and adapt it.
I've f
23 matches
Mail list logo
