Amadeus W. M. wrote:
On Thu, 17 Aug 2006 08:14:27 +1000, Brian Chadwick wrote:
Frank Cox wrote:
On Wed, 16 Aug 2006 12:47:31 -0400
David Cary Hart <Fedora@xxxxxxxxxxx> wrote:
I cannot see any way that this could be used to create a ddos.
Getting locked out of your box for 3 hours wouldn't bother you?
if you dont remember the password no one can help things
It's not just failed login attempts. For instance, an innocent
ping could lock you out, if you have your dynamic firewall
configured that way.
all you need is to stop people from dictionary attacking ssh or ftp
(thats what the guy is after) ... binding to ports is totally
unneccessary ... just use sshutout .. which examines /var/log/secure for
suspicious activity ... it doesnt bind to ports .. it just reads logs,
then adjusts iptables if neccessary
talk about skinning a cat with a blunt stone ... sheesh