[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NULL Scan issues or something else?

If you want to be extra paranoid, hide your open ports with port knocking and have your clients run from a script that knocks the proper sequence before making the connection :-)


On Feb 5, 2013, at 19:10, Jérémie Marguerie <jeremie@marguerie.org> wrote:

Le 5 févr. 2013 23:03, "Bartek Krajnik" <bartek@bmk-it.com> a écrit :
> Hi,
> For ssh login attempts you can use program authfail (after 4 wrong login attempts it adds proper IP to netfilter with DROP rule sending notification to IP class owner from whois database).

It sounds a bit overkill.
Am I the only one sometimes typing my password incorrectly because I forgot it?

Fail2ban does pretty much the same job but only ban for a few minutes. It's just a way to slow down bruteforce. Having 20 guesses per 10 minutes makes a bruteforce useless if the passwords are decent.

And it will not annoy too much your users but will annoy stupid bots.

Jérémie Marguerie

Reply to: