current-users: Re: Autoblocking sites after ssh probes

Subject: Re: Autoblocking sites after ssh probes
To: None <current-users@NetBSD.org>
From: Daniel Carosone <dan@geek.com.au>
List: current-users
Date: 01/28/2005 12:05:35

--zaRBsRFn0XYhEU69
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

If legitimate ssh logins are rare and only from a small set of people,
consider inverting the behaviour of your log-watcher.  Use something
like the port-knocking technique to open temporary access to the ssh
port.

--
Dan.

--zaRBsRFn0XYhEU69
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (NetBSD)

iD8DBQFB+Y/fEAVxvV4N66cRAiRAAJ4+Vg8hpEjdvMCfFrP+UXjKBkNVHwCg+W94
VDvFGIZ/QSo1R043oFbyMxs=
=ijs1
-----END PGP SIGNATURE-----

--zaRBsRFn0XYhEU69--