Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- To: "Josh Berry" <josh.berry@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- From: "Gary Leons" <tastytastybeef@xxxxxxxxxxxxxx>
- Date: Wed, 1 Mar 2006 08:55:09 +0100
On 2/28/06, Josh Berry <josh.berry@xxxxxxxxxxxxxxxxx> wrote:
>
> I guess it makes you feel bigger and better to be an @sshole on a public
> mailing list but I don't think that anyone is impressed with the fact that
> you aren't offering any better ideas; just name-calling and showing a low
> maturity level.
>
I'm not trying to impress you, I'm trying to make sure anyone who uses
this script is aware of the security implications of doing so, this
list is called FULL-DISCLOSURE, which is exactly what I'm doing.
>
> I could be wrong, but doesn't last/lastb show users who have logged
> in/out. Therefore it wouldn't necessarily catch brute-forcers (unless
> they were actually successful)?
Yes you could be wrong, how long would it have taken to type man lastb
and check? It lists failed login attempts, which is exactly what you
want.
> This guy was just trying to be helpful and demonstrate a way of blocking
> (or attempting to block) brute-forcers. You aren't providing any value,
> just being a d!ck.
Are you on the correct mailing list? This list is for the disclosure
of security vulnerabilities, I think adding arbitrary firewall rules
to someone else's machine is a security issue worthy of disclosure by
anyone's standards.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/