Re: Temporarily Disable IP

To: debian-isp@lists.debian.org
Subject: Re: Temporarily Disable IP
From: Markus Beck <markus.beck@geistes-wissenschaft.de>
Date: Thu, 6 Oct 2005 01:14:01 +0200
Message-id: <[🔎] 20051006011401.579c3233.markus.beck@geistes-wissenschaft.de>
In-reply-to: <[🔎] di1kfc$8jp$1@sea.gmane.org>
References: <[🔎] di14vo$5t2$1@sea.gmane.org> <[🔎] 14nd13-sg4.ln1@news.housecafe.de> <[🔎] di1kfc$8jp$1@sea.gmane.org>

On Thu, 06 Oct 2005 04:05:04 +0530
Ritesh Raj Sarraf <riteshsarraf@users.sourceforge.net> wrote:

> I need to allow my clients to have ssh access. I'm not sure if they
> are going to use strong passwords. No enforcement.
> 
> The attacks are being made using a dictionary, I guess.
> For user foo they are trying 100's of combinations.
> 
> I was looking for something like,
> if 5 unsuccessful ssh logins from IP x
>         Temporarily Deny IP x

Hello,

I think playing with LoginGraceTime is a better solution for this
problem preventing e.g. the risk of a denial of service with spoofed
addresses. Besides, encouraging users to use strong passwords is a must
(I know a guy who is quite good in guessing passwords - once he guessed
a password of a user in the 1st try by hand (not using a dictionary and
the password wasn't the users name)). 
Additionally, most dictionary attacks on ssh focus on
ssh-implementations not for Linux that come up with some
default-accounts.

Sincerely,
Markus Beck

Reply to:

Follow-Ups:
- Re: Temporarily Disable IP
  - From: Boris Pavlov <edi@elib.minfin.bg>

References:
- Temporarily Disable IP
  - From: Ritesh Raj Sarraf <riteshsarraf@users.sourceforge.net>
- Re: Temporarily Disable IP
  - From: Christian <news@nerdbynature.de>
- Re: Temporarily Disable IP
  - From: Ritesh Raj Sarraf <riteshsarraf@users.sourceforge.net>

Prev by Date: Re: Temporarily Disable IP
Next by Date: Re: [OT] _received_ call from toll free ?
Previous by thread: Re: Temporarily Disable IP
Next by thread: Re: Temporarily Disable IP
Index(es):
- Date
- Thread