On Fri, Aug 7, 2009 at 4:12 PM, sriram<[email protected]> wrote:
> there are several ways to limit those script attacks - more like
> security by design. for example, one could do rate limiting of incoming
> connections using iptables. to rate limit ssh connections to 3 per minute from
> any single ip address, one would do something like

+1

Since many of my servers are directly accessible over ssh from the internet, I make it standard practice to rate limit new ssh connections. My logs are looking much happier.

To the OP: Why permit external access to SMTP in the first place? To address this problem at a higher level, make all clients come through a VPN before accessing any internal servers. OpenVPN is a great solution.

At work I'm using a cheap Linksys WRT54GL wireless router with the TomatoVPN firmware (tomato firmware + openvpn), and ~10 WinXP/Linux laptops connect through it. Works great. Given better hardware, OpenVPN can handle far more clients and network traffic.

- Raja
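The rate limit described in the quoted message (3 new ssh connections per minute from any single IP address), written out as an added example that is not part of the original thread. It uses the iptables `recent` match; the list name `SSH_RL`, the function names and the dry-run switch `APPLY` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: per-source-IP limit on NEW ssh
# connections with the iptables "recent" match. Established sessions are
# untouched because only conntrack state NEW is matched.

LIST=SSH_RL   # name of the "recent" address list (hypothetical)

# Print the two rule specs for: <port> <max new connections> <window seconds>
ssh_ratelimit_rules() {
    port=${1:-22} max=${2:-3} window=${3:-60}
    for n in "$port" "$max" "$window"; do
        case $n in
            ''|*[!0-9]*) echo "not a number: $n" >&2; return 1 ;;
        esac
    done
    # xt_recent keeps 20 timestamps per address by default (ip_pkt_list_tot);
    # a hitcount above that is rejected unless the module option is raised.
    [ "$max" -ge 1 ] && [ "$max" -lt 20 ] || { echo "max must be 1..19" >&2; return 1; }
    # Rule 1 has already counted the current packet when rule 2 runs, so
    # "allow max" means "drop once max+1 hits fall inside the window".
    hit=$((max + 1))
    # Rule 1: record the source address of every NEW connection to the port.
    echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -m recent --name $LIST --set"
    # Rule 2: drop when the address is over the limit. --update refreshes the
    # entry on each dropped attempt, so a client that keeps retrying stays blocked.
    echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -m recent --name $LIST --update --seconds $window --hitcount $hit -j DROP"
}

# Dry run by default: print the commands. With APPLY=1 (as root) install them.
# Both rules must sit above any rule that accepts traffic to the port.
ssh_ratelimit_apply() {
    ssh_ratelimit_rules "$@" | while read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then
            iptables $rule      # word splitting of $rule is intentional
        else
            echo "iptables $rule"
        fi
    done
}

# The limit from the quoted message: port 22, 3 connections, 60 seconds.
ssh_ratelimit_apply 22 3 60
```

Per-address state is visible in `/proc/net/xt_recent/SSH_RL` once the rules are loaded, which helps when checking why a given client is being dropped.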
