[Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit

[Gary Leons]

On 2/28/06, GroundZero Security <fd at g-0.org> wrote:
> you may be able to add a bogus ip (wow your l33t), but it wouldnt be of any use so...

Uhh, no use? -s accepts a netmask as well as addresses, it's not just
"add a bogus ip", I can effectively kick your machine off the network.
Apart from that the code looks very flimsy, I'll bet there's an
arbitrary command execution in there somewhere.

> instead of beeing a smartass why dont you provide a better solution for the people who are annoyed by
> those bruteforce attacks?

Why dont you parse the output of lastb -i, dumbass.