Re: brute force ssh attempt mitigation



On Wed, Mar 31, 2010 at 09:02:09AM -0600, Christer Edwards wrote:
> So I'm hearing that bruteforce mitigation via denyhosts won't add any
> additional security, and I agree (after understanding better how
> accounts are managed). Does this mean let's just not bother? I don't
> think it'll hurt, and if anything it'll simply clean up the logs and
> cut down on the noise a bit.

denyhosts itself doesn't seem to have a good security track record TBH.

http://denyhosts.sourceforge.net/changelog.html
Depending on the PAM config it might parse stuff incorrectly on 2.6 (not
sure if fixed in newer versions)
http://bugs.gentoo.org/show_bug.cgi?id=157163#c18
http://bugs.gentoo.org/show_bug.cgi?id=157163#c34

Though, last release is Nov 2008 and no security advisory since.
-- 
Regards,
Olav

