Re: What to do with attackers?

To: debian-user@lists.debian.org
Subject: Re: What to do with attackers?
From: Rakotomandimby Mihamina <mihamina.rakotomandimby@etu.univ-orleans.fr>
Date: Fri, 04 Nov 2005 14:42:06 +0100
Message-id: <[🔎] 1131111726.2367.23.camel@localhost.localdomain>
In-reply-to: <[🔎] 436B61C1.90306@ithacafreesoftware.org>
References: <[🔎] 436B4319.4010805@ares.dyndns.biz> <[🔎] 436B50E5.90005@ithacafreesoftware.org> <[🔎] 1131110985.2367.17.camel@localhost.localdomain> <[🔎] 436B61C1.90306@ithacafreesoftware.org>

On Fri, 2005-11-04 at 08:27 -0500, Mitch Wiedemann wrote:
> >I dont aggree. Dorpping is not _the best_.
> >He has the choice to REJECT or to DROP. It's a bit different.
> >I'd vote for REJECTing.
> I prefer DROP because it's more stealthy. 

Well 50% - 50% now. :-)

> But I just did a Google
> search about DROP v. REJECT and found this interesting thread:
> http://www.linuxforum.com/forums/index.php?showtopic=161991

Well, also take care of the fact the attaquant may be on a dynamic IP
address line.
At the end, the OP will be balclisting a whole IP range.

For a personnal desktop, he should just avoid connecting to the #22
port. For a server, he should strenghten his SSH system and that's all.

-- 
Administration & Formation à l'administration
de serveurs dédiés:
http://www.google.fr/search?q=aspo+infogerance+serveur

Reply to:

References:
- What to do with attackers?
  - From: Thomas <jade@ares.dyndns.biz>
- Re: What to do with attackers?
  - From: Mitch Wiedemann <mitch@ithacafreesoftware.org>
- Re: What to do with attackers?
  - From: Rakotomandimby Mihamina <mihamina.rakotomandimby@etu.univ-orleans.fr>
- Re: What to do with attackers?
  - From: Mitch Wiedemann <mitch@ithacafreesoftware.org>

Prev by Date: creating symlinks in /proc
Next by Date: Any debian packages for gnome's NetworkManager?
Previous by thread: Re: What to do with attackers?
Next by thread: Re: What to do with attackers?
Index(es):
- Date
- Thread