Bug 245966
Summary: | RFE: Allow SSH throttling to discourage brute force attacks | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Danny D'Amours <danny.damours> |
Component: | system-config-firewall | Assignee: | Thomas Woerner <twoerner> |
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | rawhide | CC: | poelstra, redhat-bugzilla |
Target Milestone: | --- | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-11-06 19:30:48 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Danny D'Amours
2007-06-27 17:51:09 UTC
There will be a new firewall configuration tool for Fedora, soon. Mechanisms like this are on the todo list. Assigning to system-config-firewall in devel. Adding FutureFeature keyword to RFE's. The ability to block hosts which repeatedly fail to login is provided by the denyhosts package. Should this RFE remain open? denyhosts certainly does the job but I think a GUI to enabled denyhosts and to change the config in system-config-firewall or its replacement is necessary to help expose this functionality. Is there any chance that denyhosts (with fairly lax restrictions) would be considered to be enabled on default installs? I can't think of a valid use case where an IP should continually bang on a server with bad passwords. Closing because there will not be big changes to system-config-firewall anymore. |