[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata



On 10/05/2016 02:39 PM, Andreas Krey wrote:
> On Wed, 05 Oct 2016 13:48:19 +0000, Mirimir wrote:
> ...
>> exits unpredictably unreliable. On the other hand, IPS that only blocked
>> automated crap would be a win for real users, relay operators and ISPs,
>> no? Why should "... ssh foo@w.x.y.z ... ssh bar@w.x.y.z ... ssh
>> baz@w.x.y.z ..." get through, if it destroys exits? Maybe someone could
>> forget their username. But maybe after 10-20 tries, can't we safely
>> assume that they're brute forcing logins?
> 
> No.
> 
>   for i in subdir/*; do ssh host mkdir -p "$i"; done
> 
> with an ssh-agent would look pretty exactly the same to the exit node.

OK, so I left out the "Permission denied, please try again." bits :)

> Andreas
> 
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays