On Tue, Jul 21, 2009 at 10:42 AM, Nathan Eisenberg <[email protected]>wrote:
> Hello Paul, > > I've considered that, but in this instance, it's not an option. I agree > that limiting exposure is a good first step, but I think brute force > protection regardless of source address could be a valuable next step. SSH > keys ensure that the accounts won't actually be breached; it's just > irritating to me that clearly hostile traffic is allowed to attack the > service for as long as it pleases. > > Plus it clutters up the logs and uses some CPU/bandwidth resources - and > while I have plenty of both, 'waste not, want not'! :) Amen. db
