Re: sshd behaviour when people are trying to break in

Subject:	Re: sshd behaviour when people are trying to break in
From:	chris rapier <rapier@psc.edu>
Date:	Tue, 14 Nov 2006 18:44:01 -0500
Cc:	openssh-unix-dev@mindrot.org
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	openssh-unix-dev-list1@securepoint.com
Delivered-to:	openssh-unix-dev-tmda@mindrot.org
Delivered-to:	openssh-unix-dev@mindrot.org
In-reply-to:	<17754.11598.604055.615378@squeak.fifthhorseman.net>
List-archive:	<http://lists.mindrot.org/pipermail/openssh-unix-dev>
List-help:	<mailto:openssh-unix-dev-request@mindrot.org?subject=help>
List-id:	Development of portable OpenSSH <openssh-unix-dev.mindrot.org>
List-post:	<mailto:openssh-unix-dev@mindrot.org>
List-subscribe:	<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=subscribe>
List-unsubscribe:	<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=unsubscribe>
References:	<20061114.201906.1045956004.markb@ordern.com> <17754.11598.604055.615378@squeak.fifthhorseman.net>
Sender:	openssh-unix-dev-bounces+openssh-unix-dev-list1=securepoint.com@mindrot.org
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

Subject:

From:

chris rapier <rapier@psc.edu>

Date:

Tue, 14 Nov 2006 18:44:01 -0500

Cc:

openssh-unix-dev@mindrot.org

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

openssh-unix-dev-list1@securepoint.com

Delivered-to:

openssh-unix-dev-tmda@mindrot.org

Delivered-to:

openssh-unix-dev@mindrot.org

In-reply-to:

<17754.11598.604055.615378@squeak.fifthhorseman.net>

List-archive:

<http://lists.mindrot.org/pipermail/openssh-unix-dev>

List-help:

<mailto:openssh-unix-dev-request@mindrot.org?subject=help>

List-id:

Development of portable OpenSSH <openssh-unix-dev.mindrot.org>

List-post:

<mailto:openssh-unix-dev@mindrot.org>

List-subscribe:

<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=subscribe>

List-unsubscribe:

<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=unsubscribe>

References:

<20061114.201906.1045956004.markb@ordern.com> <17754.11598.604055.615378@squeak.fifthhorseman.net>

Sender:

openssh-unix-dev-bounces+openssh-unix-dev-list1=securepoint.com@mindrot.org

User-agent:

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)


Daniel Kahn Gillmor wrote:
> hi Mark--
> 
> On November 14, markb@ordern.com said:
> 
> 
>>It would be good if sshd could detect such break in attempts and
>>simply not accept the connections. I can imagine having a simple
>>mechanism that counts the number of login attempts from a given IP
>>address and if so many are attempted in a short time period, that IP
>>address is blacklisted for a while.
> 
> 
> I don't think this functionality belongs in openssh.

I agree. I don't want to see SSH start taking on rolls that really 
aren't a part of its core functionality. An IDS is really much better 
suited for this sort of job.

Chris

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

<Prev in Thread]	Current Thread	[Next in Thread>
sshd behaviour when people are trying to break in, Mark Burton Re: sshd behaviour when people are trying to break in, Darren Cole Re: sshd behaviour when people are trying to break in, Daniel Kahn Gillmor Re: sshd behaviour when people are trying to break in, chris rapier <=

Previous by Date:	Re: tunneling through stdin/stdout, source routing, Simon Richter
Next by Date:	OpenSSH Certkey (PKI), Daniel Hartmeier
Previous by Thread:	Re: sshd behaviour when people are trying to break in, Daniel Kahn Gillmor
Next by Thread:	HPN Patch for 4.5p1 Released, Chris Rapier
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: tunneling through stdin/stdout, source routing, Simon Richter

Next by Date:

OpenSSH Certkey (PKI), Daniel Hartmeier

Previous by Thread:

Re: sshd behaviour when people are trying to break in, Daniel Kahn Gillmor

Next by Thread:

HPN Patch for 4.5p1 Released, Chris Rapier

Indexes:

[Date] [Thread] [Top] [All Lists]