
Whitelisting IP ranges: preventing DoS

Hi,

I like your answer to the ssh scanning attacks.

However, could I ask that you add a whitelisting feature?
For instance, as is added to this product: http://www.pettingers.org/code/sshblack.html#regex

The problem is that attackers could spoof the source IP address of ssh logon attempts to come from your own network, locking yourself out of your machine. This effectively is a Denial of Service, as you are unable to then connect to your own machine (it denies you service).

The simplest avoidance measure would be for BlockHosts to add a whitelisting feature, which prevented matching regexes from being blocked. This would mean that you could always guarantee to be able to connect to the server from that IP address.

Regards

Craig Macdonald
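
The whitelist check requested in the comment above, as an added sketch that is neither part of the comment nor BlockHosts' own code: failed logins are counted per address, and an address matching a whitelist regex is never put on the block list. The log lines, the threshold and the names `WHITELIST`, `is_whitelisted` and `hosts_to_block` are assumptions made for the example.

```python
import re
from collections import Counter

# Constructed sample sshd log lines (not from a real system).
SAMPLE_LOG = """\
Jan 10 03:12:01 host sshd[811]: Failed password for root from 203.0.113.7 port 4022 ssh2
Jan 10 03:12:03 host sshd[811]: Failed password for root from 203.0.113.7 port 4023 ssh2
Jan 10 03:12:05 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 4024 ssh2
Jan 10 03:13:10 host sshd[902]: Failed password for craig from 192.168.1.20 port 5101 ssh2
Jan 10 03:13:12 host sshd[902]: Failed password for craig from 192.168.1.20 port 5102 ssh2
Jan 10 03:13:14 host sshd[902]: Failed password for craig from 192.168.1.20 port 5103 ssh2
Jan 10 03:14:00 host sshd[950]: Failed password for bob from 198.51.100.9 port 6000 ssh2
"""

# Anchored to the end of the line, with a whitespace-free user name, so the
# address is always taken from the field that sshd itself wrote.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

# Hypothetical whitelist: each regex must match the whole address.
WHITELIST = [r"192\.168\.1\.\d{1,3}", r"127\.0\.0\.1"]


def is_whitelisted(ip, patterns=WHITELIST):
    # fullmatch, not search: an unanchored pattern would also match inside
    # a longer string such as "1192.168.1.20".
    return any(re.fullmatch(p, ip) for p in patterns)


def hosts_to_block(log_text, threshold=3, patterns=WHITELIST):
    """Return addresses with >= threshold failures that are not whitelisted."""
    matches = (FAILED.search(line) for line in log_text.splitlines())
    failures = Counter(m.group(1) for m in matches if m)
    return sorted(
        ip for ip, count in failures.items()
        if count >= threshold and not is_whitelisted(ip, patterns)
    )


if __name__ == "__main__":
    print("block:", hosts_to_block(SAMPLE_LOG))
    print("without whitelist:", hosts_to_block(SAMPLE_LOG, patterns=[]))
```

A whitelisted address is never blocked, so failed logins from it still have to be reviewed in the logs.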
