Mailing List CGatePro@mail.stalker.com Message #92445
From: Matthew Black <black@csulb.edu>
Subject: Re: Case Study Request
Date: Tue, 04 Sep 2007 08:16:46 -0700
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: CommuniGate Pro WebUser v5.0.9
On Fri, 31 Aug 2007 11:21:57 +0200
 Stefan Seiz <TalkLists@index-s.de> wrote:
On 28.08.2007 5:21 Uhr, Dave Pooser <dave-stalker@pooserville.com> wrote:

I've noticed
in the past that an SSH dictionary attack could DOS a 10.4.x server quite
effectively. (It wasn't a problem with 10.3.x and may no longer be a problem
with later 10.4.x revisions; I haven't felt the need to check.)

What i did which weirdly seemed to help is to have SSH not listen on the
default port 22 but another port. This seems to take care of a lot of the
scans.

--
Stefan Seiz <http://www.stefanseiz.com>
Spamto: <bin@imd.net>


You should also be using the built-in Unix firewall
or TCP Wrappers and only listen to connections from
authorized clients, ignoring all others.

matthew black
california state university, long beach
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster