Full Disclosure mailing list archives
Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit
From: "GroundZero Security" <fd () g-0 org>
Date: Thu, 2 Mar 2006 17:51:34 +0100
ok i may have mad a mistacke i admit it, but you have no right to be so insulting you fucking prick. whatever go send your flames to /dev/null next time. you seem to have too much time on your hands if you can waste your time with idiotic stuff like this. my guess is you do that for your ego. anyhow i have better things to do than waste my time arguing with you. sorry for my mistacke, but it doesnt justify your behaviour at all. I guess once you grow up you will notice that insults wont solve anything. sorry to the list for all this nonsense it should stop now :-) what i originally intended was to help out a little, but i guess its not much appriciated if its not foolproof, so i wont supply any quick scripts anymore. Thanks anyhow to those who provided serious comments. ----- Original Message ----- From: "Gary Leons" <tastytastybeef () googlemail com> To: "GroundZero Security" <fd () g-0 org> Cc: <full-disclosure () lists grok org uk> Sent: Thursday, March 02, 2006 5:40 PM Subject: Re: [Full-disclosure] reduction of brute force login attempts via SSHthrough iptables --hashlimit
On 3/2/06, GroundZero Security <fd () g-0 org> wrote:Well i dont want to destroy your happy time where you can feel superior, but if you would read the manpage of lastb you would notice that this approach wont work at all. lastb just shows successfull logins! not all the attempted logins....we discussed that before though, so better pay attention next time.Holy crap, you must be the dumbest man alive. I really hope nobody has ever hired you for any security related work, if they have, I would advise them to get a second opinion or third party audit of any code provided. If you had scrolled down 20 LINES in the man page, you wold have seen "Lastb is the same as last, except that by default it shows a log of the file /var/log/btmp, which contains all the bad login attempts.", maybe you have bad eyesight, let me blow that text up for you: BAD LOGIN ATTEMPTS, ok? clear now? good.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- reduction of brute force login attempts via SSH through iptables --hashlimit Jay Libove (Mar 01)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit GroundZero Security (Mar 01)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit Giancarlo Razzolini (Mar 01)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit nocfed (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit GroundZero Security (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit Gary Leons (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit GroundZero Security (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit Benjamin Bennett (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit Gary Leons (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit GroundZero Security (Mar 02)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit GroundZero Security (Mar 01)
- Re: reduction of brute force login attempts viaSSHthrough iptables --hashlimit Dave Korn (Mar 03)
- Re: Re: reduction of brute force login attemptsviaSSHthrough iptables --hashlimit GroundZero Security (Mar 03)