|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
RE: [PLUG] ssh brute force attacks & real time offending IP lists
|
> however, keep in mind that this (and even my suggestion to a lesser
> degree)
> opens up some potential security/DDOS issues. for example, if you
base
> your
> access control list on data someone else is providing, it's possible
that
> either directly (feeding fake data) or indirectly (connection
spoofing) a
> mean person could put your own network blocks into said list, causing
some
> grief :)
Sean,
You're absolutely correct. There is a risk if you do not trust the
person providing the information, although I am sure most of us trust
the anti-spam lists provided with our spam assassin installs etc.
I do think a list of brute-force offenders such as the one spamhaus
compiles would be very useful and one we could all benefit from. In
fact I am surprised a list like this hasnt been created. Does anyone
have am idea why this is? I am sure we arent the fist ones to have
this discussion.
Mark
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|