assurance - Re: [Assurance] Counting Failed Logins Update
Subject: Assurance
List archive
- From: "Cantor, Scott" <>
- To: "" <>
- Subject: Re: [Assurance] Counting Failed Logins Update
- Date: Tue, 25 Jun 2013 21:18:16 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none
On 6/25/13 4:57 PM, "Joe St Sauver"
<>
wrote:
>
>I think it varies from site to site. If you're not blocking ssh at your
>border, and you're not taking other measures to limit ssh attacks
>(such as using port knocking) I virtually guarantee that you'll see
>ssh attempts against any Internet-exposed sshd's.
Yes, but presuming that those have no connection to your enterprise
accounts, as ours do not, it's an unrelated source of issues. Personally I
don't advocate any use of passwords on servers, ever.
If and when that were to change and if we had ssh exposed, it would
introduce brute forcing, I agree.
That's a useful point.
-- Scott
- [Assurance] Counting Failed Logins Update, Benn Oshrin, 06/21/2013
- <Possible follow-up(s)>
- Re: [Assurance] Counting Failed Logins Update, Joe St Sauver, 06/21/2013
- Re: [Assurance] Counting Failed Logins Update, Brendan Bellina, 06/25/2013
- Re: [Assurance] Counting Failed Logins Update, Cantor, Scott, 06/25/2013
- RE: [Assurance] Counting Failed Logins Update, Capehart,Jeffrey D, 06/25/2013
- Re: [Assurance] Counting Failed Logins Update, Brendan Bellina, 06/25/2013
- Re: [Assurance] Counting Failed Logins Update, Joe St Sauver, 06/25/2013
- Re: [Assurance] Counting Failed Logins Update, Joe St Sauver, 06/25/2013
- Re: [Assurance] Counting Failed Logins Update, Cantor, Scott, 06/25/2013
Archive powered by MHonArc 2.6.16.