[Gllug] ssh brute force attacks
Hari Sekhon
hpsekhon at googlemail.com
Tue Dec 9 08:54:04 UTC 2008
Bruce Richardson wrote:
> On Mon, Dec 08, 2008 at 04:08:03PM +0000, Hari wrote:
>
>> I use port knocking, it's pretty good, the only thing I don't like about
>> it is that it requires a server behind a Nat to have too many ports
>> accessible
>>
>
> Not necessarily. One way to implement port knocking is to have an
> invisible firewalling bridge between your endpoint and the outside
> world. This can inspect incoming connection attempts and alter firewall
> rules accordingly if it sees the right pattern. No need for any extra
> open ports.
>
Technically true, but I wouldn't run the extra box just for that... I
actually like conserving energy now I've gotten in to it...
-h
--
Hari Sekhon
Always open to interesting opportunities
http://www.linkedin.com/in/harisekhon
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list