Re: brute force ssh attempt mitigation

On 03/31/2010 12:02 PM, Christer Edwards wrote:
On Wed, Mar 31, 2010 at 8:50 AM, Olav Vitters<olav vitters nl>  wrote:


Error message is due to the NFS mounts on puppet being broken
(/home/admin, /home/users). You can still log in though (aside from home
dir not existing complaints)


So I'm hearing that bruteforce mitigation via denyhosts won't add any
additional security, and I agree (after understanding better how
accounts are managed). Does this mean let's just not bother? I don't
think it'll hurt, and if anything it'll simply clean up the logs and
cut down on the noise a bit.


I'm not following this thread but I suggest the implementation of a HIDS [1] on the servers, so we proactive actions against many threats.


Best Regards,

Alexandro Silva

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]