Peter Matulis <[EMAIL PROTECTED]> writes:
> You can run OpenBSD's pf in combination with authpf. This mechanism
> will alter firewall rules based on successful SSH logins.
authpf is great, but even overload rules can go a long way towards
eliminating the original poster's problem, see eg the su
> > I have installed denyhosts from the ports to stop ssh attacks, but
> > I have discovered a vulnerability, that is new to me. Denyhosts
> > does not seem to notice FTP login attempts, so the cracker can
> > attempt to login via FTP, 1000's of times until he finds a
> > login/password combination
Le Vendredi 26 Janvier 2007 15:50, Kevin Kinsey a écrit :
> David Banning wrote:
> >>> I have discovered a vulnerability, that is new to me. Denyhosts
> >>> does not seem to notice FTP login attempts, so the cracker can
> >>> attempt to login via FTP, 1000's of times until he finds a
> >>> login/pa
David Banning wrote:
I have discovered a vulnerability, that is new to me. Denyhosts
does not seem to notice FTP login attempts, so the cracker can
attempt to login via FTP, 1000's of times until he finds a
login/password combination.
Pardon the stupid question, but I'm assuming it's necessary t
In response to David Banning <[EMAIL PROTECTED]>:
> I have installed denyhosts from the ports to stop ssh attacks, but
> I have discovered a vulnerability, that is new to me. Denyhosts
> does not seem to notice FTP login attempts, so the cracker can
> attempt to login via FTP, 1000's of times unti
> >I have discovered a vulnerability, that is new to me. Denyhosts
> >does not seem to notice FTP login attempts, so the cracker can
> >attempt to login via FTP, 1000's of times until he finds a
> >login/password combination.
> >
>
> Pardon the stupid question, but I'm assuming it's necessary that
David Banning wrote:
I have installed denyhosts from the ports to stop ssh attacks, but
I have discovered a vulnerability, that is new to me. Denyhosts
does not seem to notice FTP login attempts, so the cracker can
attempt to login via FTP, 1000's of times until he finds a
login/password combinat
I have installed denyhosts from the ports to stop ssh attacks, but
I have discovered a vulnerability, that is new to me. Denyhosts
does not seem to notice FTP login attempts, so the cracker can
attempt to login via FTP, 1000's of times until he finds a
login/password combination.
Once he has a
