Displaying 3 results from an estimated 3 matches for "dnris".
Did you mean:
dnis
2018 Feb 25
2
RFC 8305 Happy Eyeballs in OpenSSH
Has anyone checked to make sure that this won't upset sshguard? [1]
Offhand, it looks like it will [2][3].
[1] https://www.sshguard.net/
[2] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-9
[3]
2018 Feb 27
7
RFC 8305 Happy Eyeballs in OpenSSH
>>> TL;DR: please try the patch out and report if it causes "Did not receive
>>> identification string" log messages. I believe it does not.
Aw crap. My homegrown anti-dos tool for ssh looks for either DNRIS or
if logging is verbose enough a connection that didn't result in a
login. I give the attacker a few tries and whitelist any successful
candidate so I should be ok, but things are getting a bit riskier.
I'm a big fan of happy eyeballs in general so I hope there is some way
to allow happy...
2018 Feb 26
2
RFC 8305 Happy Eyeballs in OpenSSH
Hi,
On Mon, Feb 26, 2018 at 11:32:26AM +0000, Kim Minh Kaplan wrote:
> TL;DR: please try the patch out and report if it causes "Did not receive
> identification string" log messages. I believe it does not.
It depends on absolute RTT to the target. If you stay local ("< 50ms"),
the 250ms offset should reliably avoid DNIS logs. If you happen to
connect to Australia