Single Packet Authentication is a far better solution.
Posted May 14, 2008 20:56 UTC (Wed) by shapr
In reply to: Linux botnets
Parent article: Linux botnets
I prefer Single Packet Authentication. The great advantage of SPA is that brute force scanners never know there's a service running.
The general case is, don't show headers when a user connects, just accept a connection when there's a correct login, and silently drop packets for illegal logins. That approach would dramatically reduce the attack surface for servers.
to post comments)