Package: openssh-server Version: 1:4.1p1-6 Severity: wishlist In a recent whitedust article[1] about the current ssh brute force attacks, they discuss ways to prevent the spread of these worms. One of the counter-measures is "tattle"[2], a program to automatically report brute-force attempts to the abuse address of the netblock of the attacker. The other is an "anomaly detection driver". Would be nice if these were added to the openssh-server package and tattle configured to run and automatically mail the sysadmin, who would then forward abuse reports as s/he saw fit.
1. http://www.whitedust.net/article/27/Recent%20SSH%20Brute-Force%20Attacks/ 2. http://sodaphish.com/files/tattle 3. http://www.ranum.com/security/computer_security/code/ -- bye, pabs http://qa.debian.org/developer.php?login=Paul+Wise&comaint=yes
signature.asc
Description: This is a digitally signed message part
