Date: Mon, 19 Sep 2011 18:56:58 -0600 From: Chad Perrin <perrin@apotheon.com> To: freebsd-questions@freebsd.org Subject: Re: limit number of ssh connections Message-ID: <20110920005658.GA67327@guilt.hydra> In-Reply-To: <86k494t6mn.fsf@red.stonehenge.com> References: <CAAOvGP2Gj0=ZAYZn2KZYUa3NTCHVtUdtQqHumM1D5Ea26dzPrQ@mail.gmail.com> <946851316461449@web97.yandex.ru> <86k494t6mn.fsf@red.stonehenge.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Dxnq1zWXvFF0Q93v Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Sep 19, 2011 at 05:11:28PM -0700, Randal L. Schwartz wrote: > >>>>> "=D0=93=D1=80=D0=B8=D0=B3=D0=BE=D1=80=D1=8C=D0=B5=D0=B2" =3D=3D =D0= =93=D1=80=D0=B8=D0=B3=D0=BE=D1=80=D1=8C=D0=B5=D0=B2 =D0=90=D0=BB=D0=B5=D0= =BA=D1=81=D0=B0=D0=BD=D0=B4=D1=80 <mr.festin@yandex.ru> writes: >=20 > =D0=93=D1=80=D0=B8=D0=B3=D0=BE=D1=80=D1=8C=D0=B5=D0=B2> If your target is= protect freebsd box from bruting passwords > =D0=93=D1=80=D0=B8=D0=B3=D0=BE=D1=80=D1=8C=D0=B5=D0=B2> from inet maybe s= ecurity/knockd will help you? >=20 > Portknocking adds only a dozen bits or so to your password. Do you > really think it helps to go from a 1024-bit key to a 1036-bit? In other > words, Portknocking belongs in the "security for dummies" pile right > along with "turning off your SSID announce" and "use MAC address > filtering" when people talk about wifi "security". All three are > useless and give you a false sense of having "increased" security. I'd say, rather, that it's useful in deflecting the drive-by, casual cracking attempts, but not as real security against a more sophisticated attack. It's nice to have cleaner logging sometimes -- which is the real benefit of such techniques, rather than security per se. --=20 Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] --Dxnq1zWXvFF0Q93v Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAk535NkACgkQ9mn/Pj01uKWkLACfbvIsu2MDTvG3nRPHhgJ6ZOiE mcIAoMbfdYOj/ld3Hn6SOSHlxKvHRs3J =1JOU -----END PGP SIGNATURE----- --Dxnq1zWXvFF0Q93v--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110920005658.GA67327>