Date: Tue, 30 Sep 2008 11:50:14 -0400 From: Bill Moran <wmoran@collaborativefusion.com> To: freebsd-hackers@FreeBSD.ORG Cc: Oliver Fromme <olli@lurza.secnetix.de>, pierre.riteau@gmail.com Subject: Re: SSH Brute Force attempts Message-ID: <20080930115014.45a0cd88.wmoran@collaborativefusion.com> In-Reply-To: <200809301537.m8UFbcrt044684@lurza.secnetix.de> References: <20080930151550.GA20490@omicron.my.domain> <200809301537.m8UFbcrt044684@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
In response to Oliver Fromme <olli@lurza.secnetix.de>: > Pierre Riteau wrote: > > > Because the 3-way handshake ensures that the source address is not being > > spoofed, more aggressive action can be taken based on these limits. > > s/not being spoofed/more difficult to spoofe/ ;-) On a modern OS (like FreeBSD) where ISNs are random, the possibility of blindly spoofing an IP during a 3-way handshake is so low as to be effectively impossible. Yes, it _can_ be done, but the effort required makes it not an effective method of attack. -- Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ wmoran@collaborativefusion.com Phone: 412-422-3463x4023
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080930115014.45a0cd88.wmoran>