Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 14 Apr 2005 00:11:44 +0200
From:      Benjamin Rossen <b.rossen@onsnet.nu>
To:        freebsd-questions@freebsd.org
Subject:   Re: too many illegal connection attempts through ssh
Message-ID:  <200504140011.44565.b.rossen@onsnet.nu>
In-Reply-To: <19221994686.20050413235524@hexren.net>
References:  <36f5bbba050406001514562df7@mail.gmail.com> <200504132347.49133.b.rossen@onsnet.nu> <19221994686.20050413235524@hexren.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 13 April 2005 23:55, Hexren wrote:
> > Just an idea...
> 
> > Benjamin Rossen 
> 
> ---------------------------------------------
> 
> Sounds fun but opens the door for every local user with ssh access to
> DOS the machine he is on. I am not that found of the idea.

Not at all. Let us say that a trusted authority were to operate the central 
server. The central server would not authorize a coordinated defensive DOS 
unless there were to be evidence that the cracker had been attacking many 
machines - perhaps the criterion could be framed to trigger a defensive DOS 
only if it were established that the cracker had been attacking many 
disparate machines in different parts of the world. 

Who is tracking this kind of thing centrally? No one. When you find that 
someone is trying to get into one of your servers you have no idea of what 
else that individual may be doing. A central trusted authority would know. 

Benjamin Rossen 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504140011.44565.b.rossen>