From owner-freebsd-questions@FreeBSD.ORG Mon Nov 13 18:10:39 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7224D16A4D0 for ; Mon, 13 Nov 2006 18:10:39 +0000 (UTC) (envelope-from gerard@seibercom.net) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.228]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5E76843D8A for ; Mon, 13 Nov 2006 18:07:22 +0000 (GMT) (envelope-from gerard@seibercom.net) Received: by wx-out-0506.google.com with SMTP id s18so1170988wxc for ; Mon, 13 Nov 2006 10:07:16 -0800 (PST) Received: by 10.70.117.3 with SMTP id p3mr10157948wxc.1163441234978; Mon, 13 Nov 2006 10:07:14 -0800 (PST) Received: from scorpio.seibercom.net ( [67.189.184.224]) by mx.google.com with ESMTP id i36sm4406426wxd.2006.11.13.10.07.14; Mon, 13 Nov 2006 10:07:14 -0800 (PST) Received: from scorpio.seibercom.net (localhost [127.0.0.1]) by scorpio.seibercom.net (Postfix) with ESMTP id 82816BBBD for ; Mon, 13 Nov 2006 13:07:13 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) (Authenticated sender: gerard@scorpio.seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTP id D523AB936 for ; Mon, 13 Nov 2006 13:07:12 -0500 (EST) From: Gerard Seibert Organization: Seibercom.net To: freebsd-questions@freebsd.org Date: Mon, 13 Nov 2006 13:06:52 -0500 User-Agent: KMail/1.9.4 References: <20061113060528.GA7646@best.com> <20061113060356.E202.GERARD@seibercom.net> <45588B16.4070502@gmx.net> In-Reply-To: <45588B16.4070502@gmx.net> X-Face: "\j?x](l|]4p?-1Bf@!wN<&p=$.}^k-HgL}cJKbQZ3r#Ar]\%U(#6}'?<3s7%(%(=?utf-8?q?gxJxxc=0A=09RnSNPNr*/=5E=7EStawWU9KDJ-CT0k=24f=23?=@t2^K&BS_f|?ZV/.7Q MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart6633658.JQjqP6KmVs"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200611131307.06256.gerard@seibercom.net> X-Virus-Scanned: ClamAV using ClamSMTP Subject: Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: gerard@seibercom.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Nov 2006 18:10:39 -0000 --nextPart6633658.JQjqP6KmVs Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Monday 13 November 2006 10:11, Frank Staals wrote: > The point is it isn't security through obscurity: as allready pointed > out, FreeBSD & sshd can withstand those brute force attacks without much > of a problem so there is no security problem, the only thing is those > brute force attacks are anoying since they cloud authd.log If those > attacks WERE a problem, or if there was a system which you could log in > without user & pass if you would find out the correct port then, but > only then, it is a bad idea .... Given enough time, every user/password combination can be broken. Perhaps=20 not in your lifetime, but it is still a real possibility. Given the=20 relative ease of setting up keys and simply dispersing with user/passwords= =20 all together, I fail to see why more users do not avail themselves of this= =20 avenue of security. Then again, I don't know how San Diego came back to=20 beat Cincinnati yesterday either. Anyway, each to his own! =2D-=20 Gerard A word to the wise is often enough to start an argument. --nextPart6633658.JQjqP6KmVs Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQBFWLRJs3R1WQUU6lgRAgHbAJ96m1lq2l6d1Fz6zgkQ318wsagH5ACbB3KU PYWtS7++MFzKkJZJ3mggaxI= =KAA5 -----END PGP SIGNATURE----- --nextPart6633658.JQjqP6KmVs--