tech-net archive


Re: shutting out dictionary attacks on ssh passwords



On Mon, Jun 27, 2011 at 09:02:42PM -0700, Scott Solmonson wrote:
> As an aside- relying upon "random jackoff's" Perl script that performs
> some automated port knocking -> FW interaction  or Blacklist addition
> etc is just asking for misery/mystery- it's one thing when building
> some custom scripting around your stack from your own mind so you are
> absolutely intimate with how everything works; it's another when
> you're relying on someone else's hack. This isn't meant to knock any
> existing examples, but if you can read their code enough to really
> well-verify it for your uses, then you could have just written it
> yourself, and then there would be no ambiguity in your "Do I really
> understand what this thing is doing?" equation.

Indeed. I was about to raise this point too. Plenty of vulnerabilities have
been reported in these tools. Additionally, my personal opinion is that
firewalls should be static, and white lists should be preferred to black
lists. All in all, if you are not dealing with special cases (e.g. company,
university, etc.), these "door-knob turners" are harmless even with just
good passwords.

- Jukka.

