[Beowulf] Re: "hobbyists"

Perry E. Metzger perry at piermont.com
Fri Jun 20 18:44:20 PDT 2008


Joe Landman <landman at scalableinformatics.com> writes:
>   I wrote a tool called "danger" that parses the ssh logs, the
> /etc/hosts.deny logs, and makes ... recommondations about what to
> add. Based upon who has been attacking you.  This pre-dated denyhosts
> by a bit.  I still run it, and it gives me a nightly summary of the
> bad guys.

As my post said earlier, there are probably 30 such tools out there
already. Generally speaking, I don't think they're worth using, except
perhaps as a way to keep your logs a bit emptier.

The easiest way to get safety is just to turn off password based login
via sshd and only allow public key, kerberos, or other methods that do
not involve reusable credentials that go over the wire.

Perry
-- 
Perry E. Metzger		perry at piermont.com



More information about the Beowulf mailing list