Re: Somebody is keep trying to ssh into my systems, how can I stop that?

left_coast <void@xxxxxxxx> (06-08-06 21:49:51):

you're killfiled now -- again.

Ahhh, yet another person who, when losing an argument, insults, claims
victory on false pretenses and killfiles the person intruding on their
delusions. Killfiling and insulting the messenger does not make the
message wrong.

Matt, really, I have never killfiled anyone. I tell people that I do,
so that the flooding of the particular newsgroup with useless discussions
stops. Unfortunately this method won't work for you. Either you like
getting on people's nerves, or you are a Microsoft man who gets paid for
filling Linux-related groups with flaming garbage (which appears most
likely), or you really are just plain dumb.

Take a look at this: "OpenSSH is part of OpenBSD, but it also runs on
Linux. It is the same code." What could I have meant? That Linux and
OpenBSD are the same code? Or that it's the same OpenSSH code, which
runs on both Linux and OpenBSD? You knew that I meant the latter, but
your tactic for 'winning' a discussion is to frustrate other people by
turning their words around and claiming senseless stuff.

I myself know how to secure my system. Since there haven't been any
successful attacks against my networks in ten years of my computer
experience, although a lot of people have tried, I can safely claim that
my way of doing things is secure. And in fact, most security experts
will agree with me.

When it comes to buffer overflows, your knockd secret is easily
interceptable, believe it or not, even if it changes every time. That's
why IMO this is security by obscurity. When an attacker who really
wants to get into your system knows that it's subject to a buffer
overflow bug, then he will.

By the way: Did you know that source IP addresses can be spoofed
easily under certain circumstances? He doesn't even have to break your
knockd sequence. He just has to wait until you tell your portknocker
to unfilter your IP address, and then he can spoof it. If he does that
properly, he will even be able to play the MITM, not needing buffer
overflows at all, since you're so convinced of your password-based

When I tell you that key-based authentication solves the MITM problem,
you tell me I'm talking "BS" and that your password practically
can't be broken. But no matter how secure your password is, the MITM
problem is always there without public keys.

Your multi-layered security model isn't necessarily totally useless, but
it adds only linear complexity for an attacker. Maybe the attacker
needs a week instead of a day if he finds that your SSH implementation
is buggy. What's the difference? Your system is compromised anyway,
whether immediately or after a week.

At least I'm honest enough to agree with you where it's appropriate.
That's an act of respect, which you don't show. If you really don't
know how to defend yourself anymore, you just ignore the offending
paragraphs, not responding to them at all. No problem with this -- it's
your choice. But to us, although you do have some minor knowledge, you
appear as an infant.

There is one thing many people forget: a discussion is not a game
where there is a winner and a loser. A discussion should help analyze
opposing opinions, find flaws in both and probably find better
solutions. A lot of free or open source programs got established that
way. Certainly, there are totally bad and foolish opinions and views
out there, but then they aren't worth discussing. But your opinion is
not of that kind, which is why I tried again to have a mature discussion
with you. And I failed. I won't try again either, because you can only
flame, unable to discuss in a mature manner.

I'm really just repeating myself here, and you are, too. So don't
bother replying to this post. I won't respond.
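As an added illustration of the point made above about key-based authentication and the MITM problem (this is example code, not part of the original post or written by its author), the Python model below shows why a relayed password is accepted by the real server while a relayed public-key signature is not: per RFC 4252 the signature covers the session identifier H, which necessarily differs on each leg of a relay. The user name, host keys and the HMAC stand-in for the user's signature are constructed for the example.

```python
import hashlib
import hmac
import secrets

USER = b"matt"                          # constructed user name
HOSTKEY_REAL = b"real-server-hostkey"   # constructed stand-ins for host public keys
HOSTKEY_MITM = b"mitm-hostkey"

def exchange_hash(client_nonce: bytes, server_nonce: bytes, hostkey: bytes) -> bytes:
    """Stand-in for the SSH exchange hash H (RFC 4253 s.8), the session identifier.
    It covers both nonces and the server host key (plus the DH secret in real SSH),
    so a relaying MITM ends up with a different H on each of its two connections:
    it cannot present the real server's host key to the client without that
    server's private key."""
    return hashlib.sha256(client_nonce + server_nonce + hostkey).digest()

def sign(user_key: bytes, data: bytes) -> bytes:
    """Toy signature: HMAC stands in for the user's RSA/Ed25519 signature; the
    server verifies with the same secret (a real server uses the authorized key)."""
    return hmac.new(user_key, data, hashlib.sha256).digest()

def password_auth_via_mitm(password: bytes) -> bool:
    """Password auth: the credential is plain bytes, so the MITM forwards them
    unchanged to the real server. Returns True if the relay is accepted."""
    received_by_mitm = password      # the client typed it into the MITM's session
    forwarded = received_by_mitm     # the MITM replays it to the real server
    return hmac.compare_digest(forwarded, password)

def pubkey_auth_via_mitm(user_key: bytes) -> bool:
    """Public-key auth (RFC 4252 s.7): the client signs H || "userauth" || user.
    The MITM forwards the signature, but the real server verifies it against its
    own H. Returns True if the relay is accepted."""
    c_nonce, s_nonce, m_nonce = (secrets.token_bytes(16) for _ in range(3))
    # leg 1: client <-> MITM; the client computes H over the MITM's host key
    h_client = exchange_hash(c_nonce, m_nonce, HOSTKEY_MITM)
    sig = sign(user_key, h_client + b"userauth" + USER)
    # leg 2: MITM <-> real server; even reusing the client's nonce does not help
    h_server = exchange_hash(c_nonce, s_nonce, HOSTKEY_REAL)
    return hmac.compare_digest(sig, sign(user_key, h_server + b"userauth" + USER))

def pubkey_auth_direct(user_key: bytes) -> bool:
    """Control case: no MITM, so client and server share the same H."""
    c_nonce, s_nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    h = exchange_hash(c_nonce, s_nonce, HOSTKEY_REAL)
    sig = sign(user_key, h + b"userauth" + USER)
    return hmac.compare_digest(sig, sign(user_key, h + b"userauth" + USER))

if __name__ == "__main__":
    print("password relayed by MITM accepted:", password_auth_via_mitm(b"correct horse"))
    print("pubkey relayed by MITM accepted:  ", pubkey_auth_via_mitm(b"user-private-key"))
    print("pubkey direct accepted:           ", pubkey_auth_direct(b"user-private-key"))
```

The model deliberately lets the MITM present its own host key to the client; even when a user accepts that unknown key, the relayed public-key authentication still fails, whereas the relayed password succeeds.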