
Re: [Solved]: Re: stopping ssh attacks



On 2005-06-16 11:51:01 -0500, Thomas Stivers wrote:
> I ended up going with port knocking and just installed knockd. Too
> cool, I always thought it was harder to set up than it is. I even
> have it playing nice with shorewall. Thanks for the suggestions.

The problem with port knocking is that it doesn't allow connecting
from everywhere since some providers filter some ports. And you also
need a client that would know about port knocking, right? Is there
some package that would do the following, for instance: leave port 22
closed, but after a connection attempt, it is temporarily opened
after 5 seconds for this address (with a timeout of 1 minute). After
a successful connection, the address is whitelisted.

This would not be difficult to implement, but I haven't had the time
yet... So, if there's something that already exists and does exactly
what I want, I'd be very interested.

-- 
Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / SPACES project at LORIA
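
The behaviour asked for in the message above, modelled as a per-address state machine. This is an added example, not code from the thread or from any existing package. The class and method names are hypothetical, the clock is passed in as seconds, and it assumes the one-minute timeout runs from the moment the port opens and that attempts made during the five-second delay do not restart it.

```python
from dataclasses import dataclass, field

OPEN_DELAY = 5.0    # seconds between the triggering attempt and the port opening
OPEN_WINDOW = 60.0  # seconds the port then stays open for that address


@dataclass
class DelayedOpenGate:
    """Decides, per source address, whether a connection to port 22 passes."""
    delay: float = OPEN_DELAY
    window: float = OPEN_WINDOW
    pending: dict = field(default_factory=dict)   # ip -> time of triggering attempt
    whitelist: set = field(default_factory=set)   # ips that completed a login

    def _open_now(self, ip, now):
        start = self.pending.get(ip)
        return (start is not None
                and start + self.delay <= now < start + self.delay + self.window)

    def on_syn(self, ip, now):
        """Return True if this connection attempt should be let through."""
        if ip in self.whitelist:
            return True
        start = self.pending.get(ip)
        if start is None or now >= start + self.delay + self.window:
            # Unknown address, or its window has expired: drop the attempt
            # and (re)start the timer for this address.
            self.pending[ip] = now
            return False
        # Known address: closed during the initial delay, open afterwards.
        return now >= start + self.delay

    def on_login_success(self, ip, now):
        """Whitelist an address once a login from it has succeeded.

        Honoured only while the address holds an open window, so a stale
        or spurious success event cannot whitelist an arbitrary address.
        """
        if not self._open_now(ip, now):
            return False
        self.whitelist.add(ip)
        del self.pending[ip]
        return True

    def expire(self, now):
        """Forget pending addresses whose window has passed (bounds memory)."""
        for ip in [i for i, t in self.pending.items()
                   if now >= t + self.delay + self.window]:
            del self.pending[ip]
```

In a real deployment the two events would come from the packet filter (a dropped SYN to port 22) and from the sshd authentication log; the addresses used to exercise it should be constructed test values.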


