Cosmin Nicolaescu on 28 Apr 2005 14:57:33 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Increase in SSH break-in attempts?


On Thu, April 28, 2005 9:53 am, Jeff Abrahamson said:
> On Tue, Apr 26, 2005 at 10:40:48AM -0400, Cosmin Nicolaescu wrote:
>> I actually let them hang on that port (DROP not REJECT so
>> that their automated script will just hang there, so at least it'll
>> slow down the 'work).
>
> How do you do that?
>
> --
>  Jeff
>
>  Jeff Abrahamson  <http://www.purple.com/jeff/>    +1 215/837-2287
>  GPG fingerprint: 1A1A BA95 D082 A558 A276  63C6 16BF 8C4C 0D1D AE4B
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --
> http://www.phillylinux.org
> Announcements -
> http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --
> http://lists.phillylinux.org/mailman/listinfo/plug
>

iptables allows you to either DROP or REJECT a package. The difference
between the 2 is that REJECT will sent a icmp message (default is
Connection Refused, but you can send it whatever you want - like host
unreachable), while DROP will just never send the ACK.

-Cos


-- 
GPG key fingerprint = DE9F 4664 E666 2BD1 903E  4F4D EA31 5FB1 C7F9 08C1
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug