Firewall Rules

     I am still adjusting firewall rules to minimize the information available to a potential attacker both in terms of choosing targets and determining the effectiveness of an attack.  I am having some problems trying to sort out why only allowing ssh and icmp through to certain hosts results in a password failure.  I am attempting to avoid disrupting legitimate traffic, but some experimentation is needed to determine what is going on.

     I had intended to post this to Eskimo North News.  Since it is already posted here I’ll leave it since there will be references from other social media.

     I have since discovered what was causing password failures.  I had neglected to allow DNS packets, so Iglulik’s TCP wrappers could not identify the originating host and determine if it was allowed to connect.
