hi, first of all brute force or dictionary attack, but I haven't seen a brute force attack on usernames for a long time now ... (not even script kiddies are that dumb).
second: I don't know how it is compiled, but I suggest if you are vaguely familiar with the process of compiling, download the src.rpm of openssh and look at the configure line, if there is nothing helpful, unpack and ./configure the tarball from the src.rpm yourself, when you find the switch, make a bugzilla entry on bugs.trustix.org, asking for aktivation of that switch for the compile of the distro package. if it is (or should be) compiled with tcp_wrappers support it is even more important that you find the bug, b/c there might be others relying on tcp_wrappers to work in that package. matthias On 05.08.2006, at 17:42, Duncan Brown wrote: > Hey all > > I am forever being bombarded with the current plague of ssh brute > force > dictionary attacks. > > In an effort to stop this, I was planning on using Denyhosts. However > when I tested my sshd config to see if it would work, as detailed > here: > > http://denyhosts.sourceforge.net/ssh_config.html > > it connected fine. So i guess I haven't got sshd running with tcp > wrappers. > > How do I go about doing this? > > Thanks > > Dunc > _______________________________________________ > tsl-discuss mailing list > [email protected] > http://lists.trustix.org/mailman/listinfo/tsl-discuss _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
