And lets say I try to log in late at night and mistype my password a number of times in a row -- I will be locked out.... or I have a script run to log in and it goes haywire and attempts many times in a second or two before you shut it down. -----Original Message----- From: fedora-list-bounces@xxxxxxxxxx [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Brian Chadwick Sent: Wednesday, August 16, 2006 7:24 PM To: For users of Fedora Core releases Subject: Re: Automatic blocking Amadeus W. M. wrote: > On Thu, 17 Aug 2006 08:14:27 +1000, Brian Chadwick wrote: > > >> Frank Cox wrote: >> >>> On Wed, 16 Aug 2006 12:47:31 -0400 >>> David Cary Hart <Fedora@xxxxxxxxxxx> wrote: >>> >>> >>> >>>> I cannot see any way that this could be used to create a ddos. >>>> >>>> >>> Getting locked out of your box for 3 hours wouldn't bother you? >>> >>> >>> >> if you dont remember the password no one can help things >> > > It's not just failed login attempts. For instance, an innocent ping > could lock you out, if you have your dynamic firewall configured that > way. > > > > all you need is to stop people from dictionary attacking ssh or ftp (thats what the guy is after) ... binding to ports is totally unneccessary ... just use sshutout .. which examines /var/log/secure for suspicious activity ... it doesnt bind to ports .. it just reads logs, then adjusts iptables if neccessary talk about skinning a cat with a blunt stone ... sheesh -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
