Re: Ataque a servidor debian

To: "Manuel Trujillo (TooManySecrets)" <toomany@toomany.net>
Cc: debian-user-spanish@lists.debian.org
Subject: Re: Ataque a servidor debian
From: Roberto Quiñones <roberto@acshell.net>
Date: Wed, 23 Feb 2011 09:34:36 -0300
Message-id: <[🔎] AANLkTim5fM0AKLCGLDDn_aN_5Qr1FYtVsDFtfA5oPidw@mail.gmail.com>
In-reply-to: <[🔎] AANLkTimNL7Dvn2QKL0kYpJmZvKGQxthyJAiV963KfGdY@mail.gmail.com>
References: <[🔎] AANLkTikbjSrr4FFSF=Aum51qmmEHaw0CGdC3XbN5D5mw@mail.gmail.com> <[🔎] AANLkTikoVMkBQbMQYhnekKWzyV7RJ4kA4m3T=c5pfx9d@mail.gmail.com> <[🔎] AANLkTi=y1V+ZHXBFaZWidBEON6K-OVKBO3tv04oFoC85@mail.gmail.com> <[🔎] AANLkTi=wCNPRnBnqbRQ6W34kXeVmW_C7ynKJ9US28Owx@mail.gmail.com> <[🔎] AANLkTikgj5kx6ZFF8_bOqfxEnjEA-Pp82VwnJwRHUoEb@mail.gmail.com> <[🔎] AANLkTinx=Djft-LemHOGQRyq6rWPJ8-WM7MLLdiQgjSW@mail.gmail.com> <[🔎] AANLkTimNL7Dvn2QKL0kYpJmZvKGQxthyJAiV963KfGdY@mail.gmail.com>

2011/2/22 Manuel Trujillo (TooManySecrets) <toomany@toomany.net>:
> 2011/2/22 Marc Aymerich <glicerinu@gmail.com>:
>> A menos que tu servidor sea un Intel 286 no sabría como justificar que un
>> simple ataque de fuerza bruta contra un SSH tumbe el servidor :)
>
> +1 a eso.
>
> --
> ---------------------------------------------------------------------------------------
> Have a nice day  ;-)
> TooManySecrets
>
> /"\   ASCII Ribbon Campaign  | FreeBSD Since 4.1
> \ / - NO HTML/RTF in e-mail  | GNU/Linux Since 1994.
>  X  - NO Word docs in e-mail | OpenSUSE Member
> / \  - http://www.toomany.net  ; | OpenSolaris Community Member
> ---------------------------------------------------------------------------------------
>
>
> --
> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] AANLkTimNL7Dvn2QKL0kYpJmZvKGQxthyJAiV963KfGdY@mail.gmail.com">http://lists.debian.org/[🔎] AANLkTimNL7Dvn2QKL0kYpJmZvKGQxthyJAiV963KfGdY@mail.gmail.com
>
>

En estos casos el problema no pasaria por que tu servidor se cayera
por un DDOS o brute force al servicio SSH, si es un ataque masivo
desde muchas direcciones IP puede ser un simple brute force que solo
daria problemas a tu ancho de banda en consumo y podria dejar
perfectamente el servidor con problema de conectividad para servicios
ssh hacia afuiera en casos hasta localmente, creo que la manera de
poder controlarlo es con fail2ban.

Saludos Cordiales
-- 
--------------------------------------------
Roberto Quiñones

Owner - Service Manager and System
ACShell.NET – Internet Services
roberto@acshell.net - www.acshell.net
San Martin #311 Santiago – CL (Chile)
+560981361713
--------------------------------------------

Reply to:

Follow-Ups:
- Re: Ataque a servidor debian
  - From: Roberto Quiñones <roberto@acshell.net>
- Re: Ataque a servidor debian
  - From: Marc Aymerich <glicerinu@gmail.com>

References:
- Ataque a servidor debian
  - From: Victor H De la Luz <itztli@gmail.com>
- Re: Ataque a servidor debian
  - From: Marc Aymerich <glicerinu@gmail.com>
- Re: Ataque a servidor debian
  - From: Victor H De la Luz <itztli@gmail.com>
- Re: Ataque a servidor debian
  - From: Marc Aymerich <glicerinu@gmail.com>
- Re: Ataque a servidor debian
  - From: Victor H De la Luz <itztli@gmail.com>
- Re: Ataque a servidor debian
  - From: Marc Aymerich <glicerinu@gmail.com>
- Re: Ataque a servidor debian
  - From: "Manuel Trujillo (TooManySecrets)" <toomany@toomany.net>

Prev by Date: Re: [OT] X11 forwarding
Next by Date: Re: Ataque a servidor debian
Previous by thread: Re: Ataque a servidor debian
Next by thread: Re: Ataque a servidor debian
Index(es):
- Date
- Thread