Prevent ssh connection slot DoS: CVE-2010-5107
Posted: 08 Aug 2013, 18:35
Is there some way that CSF can be used to effectively prevent the attack described in CVE-2010-5107? I'm not overly concerned about this issue (it *has* existed for 11 years, after all) but the third-party company that does security scans for PCI compliance wants it resolved. The suggested solution is to upgrade OpenSSH to 6.2 to use a new feature that mitigates this risk, but 6.2 is very new and there are no readily available packages for it on my distro (Debian Squeeze). So since I am already using CSF, I was wondering if there was a way to use CSF for this.
Does CSF count a timed-out login as a failed login attempt? If so, then CSF already does mitigate this to an extent.
Thanks,
Colin