PUBLIC MARKS from micah with tags security & firewall

SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.

Today I got a burr in my saddle again about SSH brute force attacks after finding thousands of attacks from a single machine against a couple of our network hosts. Unable to find a suitable solution, I went ahead and wrote my own.

BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straight-forward in its installation, configuration and usage. The reason behind BFD is very simple; the fact there is little to no authentication and brute force auditing programs in the linux community that work in conjunction with a firewall or real-time facility to place bans.

sshdfilter blocks the frequent brute force attacks on ssh daemons, it does this by directly reading the sshd logging output and generating iptables rules, the process can be quick enough to block an attack before they get a chance to enter any password at all.

Let me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good ideas. They come from misguided attempts to ignore reality. These dumb ideas are the fundamental reason(s) why all that money you spend on information security is going to be wasted.

Routers, and in particular Cisco routers, are often deployed in various parts of a firewall system, for example as border and choke packet filters. As such, they can be high-value targets for attackers. This paper provides a simple methodology and specific examples for securing Cisco routers running IOS.

As it turns out, our many contributors to this article had a lot to say -- but precious little to say on record. Names may be withheld, but the lessons are still potent.