Always remember, however, to be careful that this doesn't open you up to an easy denial-of-service attack. If all somebody has to do is try to log in a half-dozen times to lock out the IP address they're connecting from, you may be making it possible for them to attack your operation without breaking into your machine.
An excellent point, although if they're doing this from their own, valid IP it seems they're DOSing themselves.
"5 or 6" login attempts doesn't remotely constitute a "brute force" attack. From what I've seen on my own machine, these attempts seem to be trying passwords from a particular Linux distribution that shipped with default passwords on a number of accounts. Sometimes it makes me feel better to lock out such "attacks," but I don't actually kid myself into thinking that I'm either improving my own security or inconveniencing the attacker noticeably.
There's been discussion of this specific script around and speculation as to who patrick, rolo and horde are. Since the script isn't actually doing anything *clever*, it's probably not worth confronting with tools. I am, however, curious as to *how* to confront it with tools, on account of I have lots and lots to learn about security and have been relying more or less on the sensibilities of FreeBSD's default install.
-- Carleton Vaughn College Park, Georgia, USA _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
