SSH IP blocking?
Bart Silverstrim
bsilver at chrononomicon.com
Wed Apr 9 19:09:36 UTC 2008
Felipe Figueiredo wrote:
> On Wed 09 Apr 2008 15:43:02 Bart Silverstrim wrote:
>
>> sudo /etc/rc.d/init.d/denyhosts restart. I configured it to download
>> (and upload) lists to share bans and it REALLY populated the deny list,
>
> How hard is it make such an upload? Do you have to be authencated in some
> form? If not, this can be seriously abused. In fact, some such script
> kiddie could use it to block arbitrary IPs.
It's not hard, it's just a setting in the file.
No authentication.
As for the abuse, I don't know of it happening...it most likely could,
but it doesn't make much sense if it doesn't lock out access from your
own machine and your whitelists even if they're in the list for
denyhosts. All they'd do is lock themselves out from being able to
abuse your system.
More information about the ubuntu-users
mailing list