Netonix Forums

I have no idea why searching for "tarpit" brings up nothing as I know it's been discussed.
In the new firmware version (1.1.x)what does putting in an "allowed IP address" do? Does that prohibit logging in from any other IP? Or does that just not throttle attempts from that IP?

If you provide allowed IP's only those IPs can access the UI/CLI/SNMP

Tarpit affects the UI. If you do not limit what IPs can access the switch UI then a Tarpit is recommended, pretty self explanatory, I think?

Tarpit does not affect SSH attempts currently but we may implement it later but the SSH program we use does have it's own brute force counter measures.

Yes... pretty straight forward, I just wanted to confirm that was in fact how it operated before I started putting IPs in the list :)

mhoppes wrote:Yes... pretty straight forward, I just wanted to confirm that was in fact how it operated before I started putting IPs in the list :)

Yea, it will warn you if you are about to apply a list of allowed IP's that do not include your current IP but this is meant as an OH shit for dummies and one should not rely on this and should think things through or you are adding to why buckets have pictures of babies drowning in them and warning not stand on the top step, or not to use your lawn mower to trim your hedges. We do TRY to prevent stupid mistakes but people should think about what they are doing and not rely on us holding your hand all the time, this switch is designed for PROFESSIONALS not the consumer market!!!!!

sirhc wrote:We do TRY to prevent stupid mistakes but people should think about what they are doing and not rely on us holding your hand all the time, this switch is designed for PROFESSIONALS not the consumer market!!!!!

A definition of "professional" is someone that is paid for their work. Since I am not paid enough for this work, at best I could only be described as semi-professional. Am I out of my league amongst "professionals"?

RebusCom wrote:

sirhc wrote:We do TRY to prevent stupid mistakes but people should think about what they are doing and not rely on us holding your hand all the time, this switch is designed for PROFESSIONALS not the consumer market!!!!!

A definition of "professional" is someone that is paid for their work. Since I am not paid enough for this work, at best I could only be described as semi-professional. Am I out of my league amongst "professionals"?