On Sat, 2007-05-26 at 13:16 -0700, Wolfgang S. Rupprecht wrote: > Such programs help you save the CPU time of sshd answering the > connection from a single abusive host, but would do little against a > distributed botnet attack. Luckily botnets aren't really used against > sshd yet, but it they were you'd potentially be seeing distributed > guessing attacks from 10,000 different hosts. If they all took turns > to guess a single password in round-robin fashion, the filters would > never trip. You're right. What do you recommend to protect against this sort of attack? Tom
