Re: block_ssh_guessers
- From: Lawrence D'Oliveiro <ldo@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 22 Apr 2006 20:50:30 +1200
In article <1551761.ZgHNHj5mP8@xxxxxxx>,
matt_left_coast <not@xxxxxxxxxx> wrote:
Lawrence D'Oliveiro wrote:
In article <oJ92g.4243$mu2.1615@xxxxxxxxxxxxxxxxxxxxxxxxxx>,
Bill Davidsen <davidsen@xxxxxxx> wrote:
Lawrence D'Oliveiro wrote:
In article <slrne47ssp.18i.ibuprofin@xxxxxxxxxxxxxxxxx>,
ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:
If you absolutely MUST allow connections from the world, and you can't
be bothered to set up certificates, google for port knocking.
port-knocking--don't be bloody stupid.
Care to share why you think port-knocking is stupid?
Ever heard of the term "replay attack"?
Ever hear of changing the sequence with each connection? As soon as the
sequence is used, it's changed, you can replay (IF that is, you were ever
able to get the sequence in the first place) all you want, the code you
sniffed is invalid.
Ever learn to think?
What happens if somebody else uses the sequence first?
.
- Follow-Ups:
- Re: block_ssh_guessers
- From: matt_left_coast
- Re: block_ssh_guessers
- References:
- block_ssh_guessers
- From: Lawrence D'Oliveiro
- Re: block_ssh_guessers
- From: Moe Trin
- Re: block_ssh_guessers
- From: Lawrence D'Oliveiro
- Re: block_ssh_guessers
- From: Bill Davidsen
- Re: block_ssh_guessers
- From: Lawrence D'Oliveiro
- Re: block_ssh_guessers
- From: matt_left_coast
- block_ssh_guessers
- Prev by Date: Re: need help with root hack
- Next by Date: Re: need help with root hack
- Previous by thread: Re: block_ssh_guessers
- Next by thread: Re: block_ssh_guessers
- Index(es):
Relevant Pages
|
