RFC 8305 Happy Eyeballs in OpenSSH
Michael Ströder
michael at stroeder.com
Wed Feb 28 22:03:03 AEDT 2018
Damien Miller wrote:
> Anti-authentication brute force scripts should probably look for actual
> auth attempts rather than connections; those are well-mitigated by
> MaxStartups already...
Hmm, looking at the man-page this does not use the source IP. So an
active MaxStartups setting can easily be abused for a low-level DoS attack
locking out the real admin accessing the SSH daemon from e.g. its internal IP.
AFAICT most other tools set limits based on source IP.
Ciao, Michael.
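
Added illustration, not part of the original message and not OpenSSH code: a small model of the documented MaxStartups start:rate:full admission rule, which counts unauthenticated connections regardless of source, next to a hypothetical per-source cap of the kind the message attributes to other tools. The address, the `per_source_cap` parameter and the worst-case assumption that every attempt survives the random drop are assumptions made for the example.

```python
from collections import Counter

def drop_percent(startups, start=10, rate=30, full=100):
    """Percent chance a new unauthenticated connection is refused under
    MaxStartups start:rate:full (defaults model 10:30:100).
    The count is global: the client's source address plays no part."""
    if startups < start:
        return 0
    if startups >= full or rate == 100:
        return 100
    # Linear ramp from `rate` percent at `start` to 100 percent at `full`.
    return rate + (100 - rate) * (startups - start) // (full - start)

def pending_after(src, attempts, per_source_cap=None, full=100):
    """Worst-case pending set after one source opens connections and never
    authenticates. per_source_cap is a hypothetical per-address limit;
    None models the global-only accounting discussed in the thread."""
    pending = Counter()
    for _ in range(attempts):
        if sum(pending.values()) >= full:
            break  # global limit reached, everything is refused from here
        if per_source_cap is not None and pending[src] >= per_source_cap:
            break  # this address is capped; other addresses are unaffected
        pending[src] += 1
    return pending

def admin_drop_percent(per_source_cap=None):
    """Refusal chance seen by an unrelated client (the admin) once the
    constructed address 192.0.2.10 holds as many slots as policy allows."""
    pending = pending_after("192.0.2.10", attempts=500,
                            per_source_cap=per_source_cap)
    return drop_percent(sum(pending.values()))

if __name__ == "__main__":
    for n in (9, 10, 55, 100):
        print(f"{n:3d} pending -> {drop_percent(n):3d}% refused")
    print("admin, global accounting only:", admin_drop_percent(), "%")
    print("admin, per-source cap of 5   :", admin_drop_percent(5), "%")
```
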
More information about the openssh-unix-dev
mailing list