[Gllug] ssh brute force attacks
Bruce Richardson
itsbruce at workshy.org
Mon Dec 8 17:58:38 UTC 2008
On Mon, Dec 08, 2008 at 04:08:03PM +0000, Hari wrote:
> >
> I use port knocking, it's pretty good, the only thing I don't like about
> it is that it requires a server behind a Nat to have too many ports
> accessible
Not necessarily. One way to implement port knocking is to have an
invisible firewalling bridge between your endpoint and the outside
world. This can inspect incoming connection attempts and alter firewall
rules accordingly if it sees the right pattern. No need for any extra
open ports.
--
Bruce
The ice-caps are melting, tra-la-la-la. All the world is drowning,
tra-la-la-la-la. -- Tiny Tim.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20081208/659f2764/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list