Am Di, Apr 02, 2024 at 13:30:43 +0200 schrieb Marc Haber:
from being vulnerable to the current xz-based attack. Just having to dump an ALL: ALL into /etc/hosts.deny is vastly easier than having to maintain a packet filter.
Stupid question, but if you put „ALL: ALL” into hosts.deny, couldn’t you stop the ssh daemon instead? ALL: ALL will block your ssh access, so it doesn’t matter if the daemon is running or not.
Stephan -- | If your life was a horse, you'd have to shoot it. |