From owner-freebsd-questions@FreeBSD.ORG  Wed Apr 13 22:12:02 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5034816A4CF
	for <freebsd-questions@freebsd.org>;
	Wed, 13 Apr 2005 22:12:02 +0000 (GMT)
Received: from ipact2.infopact.nl (x71.infopact.nl [212.29.160.71])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 74CD243D4C
	for <freebsd-questions@freebsd.org>;
	Wed, 13 Apr 2005 22:12:01 +0000 (GMT)
	(envelope-from b.rossen@onsnet.nu)
Received: from [192.168.1.100] (32-11-ftth.onsnet.nu [84.35.11.32])
	by ipact2.infopact.nl (8.12.10/8.12.10) with ESMTP id j3DMC0DG001221
	for <freebsd-questions@freebsd.org>; Thu, 14 Apr 2005 00:12:00 +0200
From: Benjamin Rossen <b.rossen@onsnet.nu>
Organization: GearSticker Corporation
To: freebsd-questions@freebsd.org
Date: Thu, 14 Apr 2005 00:11:44 +0200
User-Agent: KMail/1.7.1
References: <36f5bbba050406001514562df7@mail.gmail.com>
	<200504132347.49133.b.rossen@onsnet.nu>
	<19221994686.20050413235524@hexren.net>
In-Reply-To: <19221994686.20050413235524@hexren.net>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200504140011.44565.b.rossen@onsnet.nu>
X-Scanned-By: MIMEDefang - SpamAssassin
Subject: Re: too many illegal connection attempts through ssh
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: b.rossen@onsnet.nu
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Apr 2005 22:12:02 -0000

On Wednesday 13 April 2005 23:55, Hexren wrote:
> > Just an idea...
> 
> > Benjamin Rossen 
> 
> ---------------------------------------------
> 
> Sounds fun but opens the door for every local user with ssh access to
> DOS the machine he is on. I am not that found of the idea.

Not at all. Let us say that a trusted authority were to operate the central 
server. The central server would not authorize a coordinated defensive DOS 
unless there were to be evidence that the cracker had been attacking many 
machines - perhaps the criterion could be framed to trigger a defensive DOS 
only if it were established that the cracker had been attacking many 
disparate machines in different parts of the world. 

Who is tracking this kind of thing centrally? No one. When you find that 
someone is trying to get into one of your servers you have no idea of what 
else that individual may be doing. A central trusted authority would know. 

Benjamin Rossen