[UFO Chicago] Tripwire to shut off ssh access to a host?
Nate Riffe
inkblot at movealong.org
Fri Nov 17 12:58:13 PST 2006
Me said this (probably recently):
> Jordan Bettis said this (probably recently):
> > Also it appearently blocks the fourth connection
> > attempt along with the subsequent ones. So with
> > that setup you're allowed three connection attempts
> > in a minute.
>
> It only blocks a packet if the previous three packets that met the
> criteria arrived within the last second.
pardon me, *60* seconds.
> So, the fifth will only be
> blocked if the fourth, third and second packets occurred in the 60
> seconds prior to the fifth. The first packet is really no londer
> relevant.
--
--< ((\))< >----< inkblot at movealong.org >----< http://www.movealong.org/ >--
pub 1024D/05A058E0 2002-03-07 Nate Riffe (06-Mar-2002) <inkblot at movealong.org>
Key fingerprint = 0DAC F5CB D182 3165 D757 C466 CD42 12A8 05A0 58E0
More information about the ufo
mailing list